1 // SPDX-License-Identifier: GPL-2.0-only
3 * thread-stack.c: Synthesize a thread's stack using call / return events
4 * Copyright (c) 2014, Intel Corporation.
7 #include <linux/rbtree.h>
8 #include <linux/list.h>
9 #include <linux/log2.h>
10 #include <linux/zalloc.h>
21 #include "call-path.h"
22 #include "thread-stack.h"
24 #define STACK_GROWTH 2048
27 * State of retpoline detection.
29 * RETPOLINE_NONE: no retpoline detection
30 * X86_RETPOLINE_POSSIBLE: x86 retpoline possible
31 * X86_RETPOLINE_DETECTED: x86 retpoline detected
33 enum retpoline_state_t {
35 X86_RETPOLINE_POSSIBLE,
36 X86_RETPOLINE_DETECTED,
40 * struct thread_stack_entry - thread stack entry.
41 * @ret_addr: return address
42 * @timestamp: timestamp (if known)
43 * @ref: external reference (e.g. db_id of sample)
44 * @branch_count: the branch count when the entry was created
45 * @insn_count: the instruction count when the entry was created
46 * @cyc_count the cycle count when the entry was created
47 * @db_id: id used for db-export
49 * @no_call: a 'call' was not seen
50 * @trace_end: a 'call' but trace ended
51 * @non_call: a branch but not a 'call' to the start of a different symbol
53 struct thread_stack_entry {
68 * struct thread_stack - thread stack constructed from 'call' and 'return'
70 * @stack: array that holds the stack
71 * @cnt: number of entries in the stack
72 * @sz: current maximum stack size
73 * @trace_nr: current trace number
74 * @branch_count: running branch count
75 * @insn_count: running instruction count
76 * @cyc_count running cycle count
77 * @kernel_start: kernel start address
78 * @last_time: last timestamp
79 * @crp: call/return processor
81 * @arr_sz: size of array if this is the first element of an array
82 * @rstate: used to detect retpolines
85 struct thread_stack_entry *stack;
94 struct call_return_processor *crp;
97 enum retpoline_state_t rstate;
101 * Assume pid == tid == 0 identifies the idle task as defined by
102 * perf_session__register_idle_thread(). The idle task is really 1 task per cpu,
103 * and therefore requires a stack for each cpu.
105 static inline bool thread_stack__per_cpu(struct thread *thread)
107 return !(thread->tid || thread->pid_);
110 static int thread_stack__grow(struct thread_stack *ts)
112 struct thread_stack_entry *new_stack;
115 new_sz = ts->sz + STACK_GROWTH;
116 sz = new_sz * sizeof(struct thread_stack_entry);
118 new_stack = realloc(ts->stack, sz);
122 ts->stack = new_stack;
128 static int thread_stack__init(struct thread_stack *ts, struct thread *thread,
129 struct call_return_processor *crp)
133 err = thread_stack__grow(ts);
137 if (thread->maps && thread->maps->machine) {
138 struct machine *machine = thread->maps->machine;
139 const char *arch = perf_env__arch(machine->env);
141 ts->kernel_start = machine__kernel_start(machine);
142 if (!strcmp(arch, "x86"))
143 ts->rstate = X86_RETPOLINE_POSSIBLE;
145 ts->kernel_start = 1ULL << 63;
152 static struct thread_stack *thread_stack__new(struct thread *thread, int cpu,
153 struct call_return_processor *crp)
155 struct thread_stack *ts = thread->ts, *new_ts;
156 unsigned int old_sz = ts ? ts->arr_sz : 0;
157 unsigned int new_sz = 1;
159 if (thread_stack__per_cpu(thread) && cpu > 0)
160 new_sz = roundup_pow_of_two(cpu + 1);
162 if (!ts || new_sz > old_sz) {
163 new_ts = calloc(new_sz, sizeof(*ts));
167 memcpy(new_ts, ts, old_sz * sizeof(*ts));
168 new_ts->arr_sz = new_sz;
174 if (thread_stack__per_cpu(thread) && cpu > 0 &&
175 (unsigned int)cpu < ts->arr_sz)
179 thread_stack__init(ts, thread, crp))
185 static struct thread_stack *thread__cpu_stack(struct thread *thread, int cpu)
187 struct thread_stack *ts = thread->ts;
192 if (!ts || (unsigned int)cpu >= ts->arr_sz)
203 static inline struct thread_stack *thread__stack(struct thread *thread,
209 if (thread_stack__per_cpu(thread))
210 return thread__cpu_stack(thread, cpu);
215 static int thread_stack__push(struct thread_stack *ts, u64 ret_addr,
220 if (ts->cnt == ts->sz) {
221 err = thread_stack__grow(ts);
223 pr_warning("Out of memory: discarding thread stack\n");
228 ts->stack[ts->cnt].trace_end = trace_end;
229 ts->stack[ts->cnt++].ret_addr = ret_addr;
234 static void thread_stack__pop(struct thread_stack *ts, u64 ret_addr)
239 * In some cases there may be functions which are not seen to return.
240 * For example when setjmp / longjmp has been used. Or the perf context
241 * switch in the kernel which doesn't stop and start tracing in exactly
242 * the same code path. When that happens the return address will be
243 * further down the stack. If the return address is not found at all,
244 * we assume the opposite (i.e. this is a return for a call that wasn't
245 * seen for some reason) and leave the stack alone.
247 for (i = ts->cnt; i; ) {
248 if (ts->stack[--i].ret_addr == ret_addr) {
255 static void thread_stack__pop_trace_end(struct thread_stack *ts)
259 for (i = ts->cnt; i; ) {
260 if (ts->stack[--i].trace_end)
267 static bool thread_stack__in_kernel(struct thread_stack *ts)
272 return ts->stack[ts->cnt - 1].cp->in_kernel;
275 static int thread_stack__call_return(struct thread *thread,
276 struct thread_stack *ts, size_t idx,
277 u64 timestamp, u64 ref, bool no_return)
279 struct call_return_processor *crp = ts->crp;
280 struct thread_stack_entry *tse;
281 struct call_return cr = {
288 tse = &ts->stack[idx];
290 cr.call_time = tse->timestamp;
291 cr.return_time = timestamp;
292 cr.branch_count = ts->branch_count - tse->branch_count;
293 cr.insn_count = ts->insn_count - tse->insn_count;
294 cr.cyc_count = ts->cyc_count - tse->cyc_count;
295 cr.db_id = tse->db_id;
296 cr.call_ref = tse->ref;
299 cr.flags |= CALL_RETURN_NO_CALL;
301 cr.flags |= CALL_RETURN_NO_RETURN;
303 cr.flags |= CALL_RETURN_NON_CALL;
306 * The parent db_id must be assigned before exporting the child. Note
307 * it is not possible to export the parent first because its information
308 * is not yet complete because its 'return' has not yet been processed.
310 parent_db_id = idx ? &(tse - 1)->db_id : NULL;
312 return crp->process(&cr, parent_db_id, crp->data);
315 static int __thread_stack__flush(struct thread *thread, struct thread_stack *ts)
317 struct call_return_processor *crp = ts->crp;
326 err = thread_stack__call_return(thread, ts, --ts->cnt,
327 ts->last_time, 0, true);
329 pr_err("Error flushing thread stack!\n");
338 int thread_stack__flush(struct thread *thread)
340 struct thread_stack *ts = thread->ts;
345 for (pos = 0; pos < ts->arr_sz; pos++) {
346 int ret = __thread_stack__flush(thread, ts + pos);
356 int thread_stack__event(struct thread *thread, int cpu, u32 flags, u64 from_ip,
357 u64 to_ip, u16 insn_len, u64 trace_nr)
359 struct thread_stack *ts = thread__stack(thread, cpu);
365 ts = thread_stack__new(thread, cpu, NULL);
367 pr_warning("Out of memory: no thread stack\n");
370 ts->trace_nr = trace_nr;
374 * When the trace is discontinuous, the trace_nr changes. In that case
375 * the stack might be completely invalid. Better to report nothing than
376 * to report something misleading, so flush the stack.
378 if (trace_nr != ts->trace_nr) {
380 __thread_stack__flush(thread, ts);
381 ts->trace_nr = trace_nr;
384 /* Stop here if thread_stack__process() is in use */
388 if (flags & PERF_IP_FLAG_CALL) {
393 ret_addr = from_ip + insn_len;
394 if (ret_addr == to_ip)
395 return 0; /* Zero-length calls are excluded */
396 return thread_stack__push(ts, ret_addr,
397 flags & PERF_IP_FLAG_TRACE_END);
398 } else if (flags & PERF_IP_FLAG_TRACE_BEGIN) {
400 * If the caller did not change the trace number (which would
401 * have flushed the stack) then try to make sense of the stack.
402 * Possibly, tracing began after returning to the current
403 * address, so try to pop that. Also, do not expect a call made
404 * when the trace ended, to return, so pop that.
406 thread_stack__pop(ts, to_ip);
407 thread_stack__pop_trace_end(ts);
408 } else if ((flags & PERF_IP_FLAG_RETURN) && from_ip) {
409 thread_stack__pop(ts, to_ip);
415 void thread_stack__set_trace_nr(struct thread *thread, int cpu, u64 trace_nr)
417 struct thread_stack *ts = thread__stack(thread, cpu);
422 if (trace_nr != ts->trace_nr) {
424 __thread_stack__flush(thread, ts);
425 ts->trace_nr = trace_nr;
429 static void __thread_stack__free(struct thread *thread, struct thread_stack *ts)
431 __thread_stack__flush(thread, ts);
435 static void thread_stack__reset(struct thread *thread, struct thread_stack *ts)
437 unsigned int arr_sz = ts->arr_sz;
439 __thread_stack__free(thread, ts);
440 memset(ts, 0, sizeof(*ts));
444 void thread_stack__free(struct thread *thread)
446 struct thread_stack *ts = thread->ts;
450 for (pos = 0; pos < ts->arr_sz; pos++)
451 __thread_stack__free(thread, ts + pos);
456 static inline u64 callchain_context(u64 ip, u64 kernel_start)
458 return ip < kernel_start ? PERF_CONTEXT_USER : PERF_CONTEXT_KERNEL;
461 void thread_stack__sample(struct thread *thread, int cpu,
462 struct ip_callchain *chain,
463 size_t sz, u64 ip, u64 kernel_start)
465 struct thread_stack *ts = thread__stack(thread, cpu);
466 u64 context = callchain_context(ip, kernel_start);
475 chain->ips[0] = context;
483 last_context = context;
485 for (i = 2, j = 1; i < sz && j <= ts->cnt; i++, j++) {
486 ip = ts->stack[ts->cnt - j].ret_addr;
487 context = callchain_context(ip, kernel_start);
488 if (context != last_context) {
491 chain->ips[i++] = context;
492 last_context = context;
501 * Hardware sample records, created some time after the event occurred, need to
502 * have subsequent addresses removed from the call chain.
504 void thread_stack__sample_late(struct thread *thread, int cpu,
505 struct ip_callchain *chain, size_t sz,
506 u64 sample_ip, u64 kernel_start)
508 struct thread_stack *ts = thread__stack(thread, cpu);
509 u64 sample_context = callchain_context(sample_ip, kernel_start);
510 u64 last_context, context, ip;
522 * When tracing kernel space, kernel addresses occur at the top of the
523 * call chain after the event occurred but before tracing stopped.
526 for (j = 1; j <= ts->cnt; j++) {
527 ip = ts->stack[ts->cnt - j].ret_addr;
528 context = callchain_context(ip, kernel_start);
529 if (context == PERF_CONTEXT_USER ||
530 (context == sample_context && ip == sample_ip))
534 last_context = sample_ip; /* Use sample_ip as an invalid context */
536 for (; nr < sz && j <= ts->cnt; nr++, j++) {
537 ip = ts->stack[ts->cnt - j].ret_addr;
538 context = callchain_context(ip, kernel_start);
539 if (context != last_context) {
542 chain->ips[nr++] = context;
543 last_context = context;
551 chain->ips[0] = sample_context;
552 chain->ips[1] = sample_ip;
557 struct call_return_processor *
558 call_return_processor__new(int (*process)(struct call_return *cr, u64 *parent_db_id, void *data),
561 struct call_return_processor *crp;
563 crp = zalloc(sizeof(struct call_return_processor));
566 crp->cpr = call_path_root__new();
569 crp->process = process;
578 void call_return_processor__free(struct call_return_processor *crp)
581 call_path_root__free(crp->cpr);
586 static int thread_stack__push_cp(struct thread_stack *ts, u64 ret_addr,
587 u64 timestamp, u64 ref, struct call_path *cp,
588 bool no_call, bool trace_end)
590 struct thread_stack_entry *tse;
596 if (ts->cnt == ts->sz) {
597 err = thread_stack__grow(ts);
602 tse = &ts->stack[ts->cnt++];
603 tse->ret_addr = ret_addr;
604 tse->timestamp = timestamp;
606 tse->branch_count = ts->branch_count;
607 tse->insn_count = ts->insn_count;
608 tse->cyc_count = ts->cyc_count;
610 tse->no_call = no_call;
611 tse->trace_end = trace_end;
612 tse->non_call = false;
618 static int thread_stack__pop_cp(struct thread *thread, struct thread_stack *ts,
619 u64 ret_addr, u64 timestamp, u64 ref,
628 struct thread_stack_entry *tse = &ts->stack[0];
630 if (tse->cp->sym == sym)
631 return thread_stack__call_return(thread, ts, --ts->cnt,
632 timestamp, ref, false);
635 if (ts->stack[ts->cnt - 1].ret_addr == ret_addr &&
636 !ts->stack[ts->cnt - 1].non_call) {
637 return thread_stack__call_return(thread, ts, --ts->cnt,
638 timestamp, ref, false);
640 size_t i = ts->cnt - 1;
643 if (ts->stack[i].ret_addr != ret_addr ||
644 ts->stack[i].non_call)
647 while (ts->cnt > i) {
648 err = thread_stack__call_return(thread, ts,
655 return thread_stack__call_return(thread, ts, --ts->cnt,
656 timestamp, ref, false);
663 static int thread_stack__bottom(struct thread_stack *ts,
664 struct perf_sample *sample,
665 struct addr_location *from_al,
666 struct addr_location *to_al, u64 ref)
668 struct call_path_root *cpr = ts->crp->cpr;
669 struct call_path *cp;
676 } else if (sample->addr) {
683 cp = call_path__findnew(cpr, &cpr->call_path, sym, ip,
686 return thread_stack__push_cp(ts, ip, sample->time, ref, cp,
690 static int thread_stack__pop_ks(struct thread *thread, struct thread_stack *ts,
691 struct perf_sample *sample, u64 ref)
693 u64 tm = sample->time;
696 /* Return to userspace, so pop all kernel addresses */
697 while (thread_stack__in_kernel(ts)) {
698 err = thread_stack__call_return(thread, ts, --ts->cnt,
707 static int thread_stack__no_call_return(struct thread *thread,
708 struct thread_stack *ts,
709 struct perf_sample *sample,
710 struct addr_location *from_al,
711 struct addr_location *to_al, u64 ref)
713 struct call_path_root *cpr = ts->crp->cpr;
714 struct call_path *root = &cpr->call_path;
715 struct symbol *fsym = from_al->sym;
716 struct symbol *tsym = to_al->sym;
717 struct call_path *cp, *parent;
718 u64 ks = ts->kernel_start;
719 u64 addr = sample->addr;
720 u64 tm = sample->time;
724 if (ip >= ks && addr < ks) {
725 /* Return to userspace, so pop all kernel addresses */
726 err = thread_stack__pop_ks(thread, ts, sample, ref);
730 /* If the stack is empty, push the userspace address */
732 cp = call_path__findnew(cpr, root, tsym, addr, ks);
733 return thread_stack__push_cp(ts, 0, tm, ref, cp, true,
736 } else if (thread_stack__in_kernel(ts) && ip < ks) {
737 /* Return to userspace, so pop all kernel addresses */
738 err = thread_stack__pop_ks(thread, ts, sample, ref);
744 parent = ts->stack[ts->cnt - 1].cp;
748 if (parent->sym == from_al->sym) {
750 * At the bottom of the stack, assume the missing 'call' was
751 * before the trace started. So, pop the current symbol and push
755 err = thread_stack__call_return(thread, ts, --ts->cnt,
762 cp = call_path__findnew(cpr, root, tsym, addr, ks);
764 return thread_stack__push_cp(ts, addr, tm, ref, cp,
769 * Otherwise assume the 'return' is being used as a jump (e.g.
770 * retpoline) and just push the 'to' symbol.
772 cp = call_path__findnew(cpr, parent, tsym, addr, ks);
774 err = thread_stack__push_cp(ts, 0, tm, ref, cp, true, false);
776 ts->stack[ts->cnt - 1].non_call = true;
782 * Assume 'parent' has not yet returned, so push 'to', and then push and
786 cp = call_path__findnew(cpr, parent, tsym, addr, ks);
788 err = thread_stack__push_cp(ts, addr, tm, ref, cp, true, false);
792 cp = call_path__findnew(cpr, cp, fsym, ip, ks);
794 err = thread_stack__push_cp(ts, ip, tm, ref, cp, true, false);
798 return thread_stack__call_return(thread, ts, --ts->cnt, tm, ref, false);
801 static int thread_stack__trace_begin(struct thread *thread,
802 struct thread_stack *ts, u64 timestamp,
805 struct thread_stack_entry *tse;
812 tse = &ts->stack[ts->cnt - 1];
813 if (tse->trace_end) {
814 err = thread_stack__call_return(thread, ts, --ts->cnt,
815 timestamp, ref, false);
823 static int thread_stack__trace_end(struct thread_stack *ts,
824 struct perf_sample *sample, u64 ref)
826 struct call_path_root *cpr = ts->crp->cpr;
827 struct call_path *cp;
830 /* No point having 'trace end' on the bottom of the stack */
831 if (!ts->cnt || (ts->cnt == 1 && ts->stack[0].ref == ref))
834 cp = call_path__findnew(cpr, ts->stack[ts->cnt - 1].cp, NULL, 0,
837 ret_addr = sample->ip + sample->insn_len;
839 return thread_stack__push_cp(ts, ret_addr, sample->time, ref, cp,
843 static bool is_x86_retpoline(const char *name)
845 const char *p = strstr(name, "__x86_indirect_thunk_");
847 return p == name || !strcmp(name, "__indirect_thunk_start");
851 * x86 retpoline functions pollute the call graph. This function removes them.
852 * This does not handle function return thunks, nor is there any improvement
853 * for the handling of inline thunks or extern thunks.
855 static int thread_stack__x86_retpoline(struct thread_stack *ts,
856 struct perf_sample *sample,
857 struct addr_location *to_al)
859 struct thread_stack_entry *tse = &ts->stack[ts->cnt - 1];
860 struct call_path_root *cpr = ts->crp->cpr;
861 struct symbol *sym = tse->cp->sym;
862 struct symbol *tsym = to_al->sym;
863 struct call_path *cp;
865 if (sym && is_x86_retpoline(sym->name)) {
867 * This is a x86 retpoline fn. It pollutes the call graph by
868 * showing up everywhere there is an indirect branch, but does
869 * not itself mean anything. Here the top-of-stack is removed,
870 * by decrementing the stack count, and then further down, the
871 * resulting top-of-stack is replaced with the actual target.
872 * The result is that the retpoline functions will no longer
873 * appear in the call graph. Note this only affects the call
874 * graph, since all the original branches are left unchanged.
877 sym = ts->stack[ts->cnt - 2].cp->sym;
878 if (sym && sym == tsym && to_al->addr != tsym->start) {
880 * Target is back to the middle of the symbol we came
881 * from so assume it is an indirect jmp and forget it
887 } else if (sym && sym == tsym) {
889 * Target is back to the symbol we came from so assume it is an
890 * indirect jmp and forget it altogether.
896 cp = call_path__findnew(cpr, ts->stack[ts->cnt - 2].cp, tsym,
897 sample->addr, ts->kernel_start);
901 /* Replace the top-of-stack with the actual target */
902 ts->stack[ts->cnt - 1].cp = cp;
907 int thread_stack__process(struct thread *thread, struct comm *comm,
908 struct perf_sample *sample,
909 struct addr_location *from_al,
910 struct addr_location *to_al, u64 ref,
911 struct call_return_processor *crp)
913 struct thread_stack *ts = thread__stack(thread, sample->cpu);
914 enum retpoline_state_t rstate;
917 if (ts && !ts->crp) {
918 /* Supersede thread_stack__event() */
919 thread_stack__reset(thread, ts);
924 ts = thread_stack__new(thread, sample->cpu, crp);
931 if (rstate == X86_RETPOLINE_DETECTED)
932 ts->rstate = X86_RETPOLINE_POSSIBLE;
934 /* Flush stack on exec */
935 if (ts->comm != comm && thread->pid_ == thread->tid) {
936 err = __thread_stack__flush(thread, ts);
942 /* If the stack is empty, put the current symbol on the stack */
944 err = thread_stack__bottom(ts, sample, from_al, to_al, ref);
949 ts->branch_count += 1;
950 ts->insn_count += sample->insn_cnt;
951 ts->cyc_count += sample->cyc_cnt;
952 ts->last_time = sample->time;
954 if (sample->flags & PERF_IP_FLAG_CALL) {
955 bool trace_end = sample->flags & PERF_IP_FLAG_TRACE_END;
956 struct call_path_root *cpr = ts->crp->cpr;
957 struct call_path *cp;
960 if (!sample->ip || !sample->addr)
963 ret_addr = sample->ip + sample->insn_len;
964 if (ret_addr == sample->addr)
965 return 0; /* Zero-length calls are excluded */
967 cp = call_path__findnew(cpr, ts->stack[ts->cnt - 1].cp,
968 to_al->sym, sample->addr,
970 err = thread_stack__push_cp(ts, ret_addr, sample->time, ref,
971 cp, false, trace_end);
974 * A call to the same symbol but not the start of the symbol,
975 * may be the start of a x86 retpoline.
977 if (!err && rstate == X86_RETPOLINE_POSSIBLE && to_al->sym &&
978 from_al->sym == to_al->sym &&
979 to_al->addr != to_al->sym->start)
980 ts->rstate = X86_RETPOLINE_DETECTED;
982 } else if (sample->flags & PERF_IP_FLAG_RETURN) {
984 u32 return_from_kernel = PERF_IP_FLAG_SYSCALLRET |
985 PERF_IP_FLAG_INTERRUPT;
987 if (!(sample->flags & return_from_kernel))
990 /* Pop kernel stack */
991 return thread_stack__pop_ks(thread, ts, sample, ref);
997 /* x86 retpoline 'return' doesn't match the stack */
998 if (rstate == X86_RETPOLINE_DETECTED && ts->cnt > 2 &&
999 ts->stack[ts->cnt - 1].ret_addr != sample->addr)
1000 return thread_stack__x86_retpoline(ts, sample, to_al);
1002 err = thread_stack__pop_cp(thread, ts, sample->addr,
1003 sample->time, ref, from_al->sym);
1007 err = thread_stack__no_call_return(thread, ts, sample,
1008 from_al, to_al, ref);
1010 } else if (sample->flags & PERF_IP_FLAG_TRACE_BEGIN) {
1011 err = thread_stack__trace_begin(thread, ts, sample->time, ref);
1012 } else if (sample->flags & PERF_IP_FLAG_TRACE_END) {
1013 err = thread_stack__trace_end(ts, sample, ref);
1014 } else if (sample->flags & PERF_IP_FLAG_BRANCH &&
1015 from_al->sym != to_al->sym && to_al->sym &&
1016 to_al->addr == to_al->sym->start) {
1017 struct call_path_root *cpr = ts->crp->cpr;
1018 struct call_path *cp;
1021 * The compiler might optimize a call/ret combination by making
1022 * it a jmp. Make that visible by recording on the stack a
1023 * branch to the start of a different symbol. Note, that means
1024 * when a ret pops the stack, all jmps must be popped off first.
1026 cp = call_path__findnew(cpr, ts->stack[ts->cnt - 1].cp,
1027 to_al->sym, sample->addr,
1029 err = thread_stack__push_cp(ts, 0, sample->time, ref, cp, false,
1032 ts->stack[ts->cnt - 1].non_call = true;
1038 size_t thread_stack__depth(struct thread *thread, int cpu)
1040 struct thread_stack *ts = thread__stack(thread, cpu);
projects / linux-2.6-microblaze.git / blob