/
SMCallTraceCore.c
277 lines (235 loc) · 7.59 KB
/
SMCallTraceCore.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
//
// SMCallTraceCore.c
// DecoupleDemo
//
// Created by DaiMing on 2017/7/16.
// Copyright © 2017年 Starming. All rights reserved.
//
#include "SMCallTraceCore.h"
#ifdef __aarch64__
#include "fishhook.h"
#pragma mark - Record
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stddef.h>
#include <stdint.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <objc/message.h>
#include <objc/runtime.h>
#include <dispatch/dispatch.h>
#include <pthread.h>
static bool _call_record_enabled = true;
static uint64_t _min_time_cost = 1000; //us
static int _max_call_depth = 3;
static pthread_key_t _thread_key;
__unused static id (*orig_objc_msgSend)(id, SEL, ...);
static smCallRecord *_smCallRecords;
//static int otp_record_num;
//static int otp_record_alloc;
static int _smRecordNum;
static int _smRecordAlloc;
typedef struct thread_call_record {
id self; //通过 object_getClass 能够得到 Class 再通过 NSStringFromClass 能够得到类名
Class cls;
SEL cmd; //通过 NSStringFromSelector 方法能够得到方法名
uint64_t time; //us
uintptr_t lr; // link register
struct thread_call_record *caller_record; //调用该方法的信息
} thread_call_record;
typedef struct {
thread_call_record *stack;
int allocated_length;
int index;
bool is_main_thread;
} thread_call_stack;
static inline thread_call_stack * get_thread_call_stack() {
thread_call_stack *cs = (thread_call_stack *)pthread_getspecific(_thread_key);
if (cs == NULL) {
cs = (thread_call_stack *)malloc(sizeof(thread_call_stack));
cs->stack = (thread_call_record *)calloc(128, sizeof(thread_call_record));
cs->allocated_length = 64;
cs->index = -1;
cs->is_main_thread = pthread_main_np();
pthread_setspecific(_thread_key, cs);
}
return cs;
}
static void release_thread_call_stack(void *ptr) {
thread_call_stack *cs = (thread_call_stack *)ptr;
if (!cs) return;
if (cs->stack) free(cs->stack);
free(cs);
}
static inline void push_call_record(id _self, Class _cls, SEL _cmd, uintptr_t lr) {
thread_call_stack *cs = get_thread_call_stack();
if (cs) {
int nextIndex = (++cs->index);
if (nextIndex >= cs->allocated_length) {
cs->allocated_length += 64;
cs->stack = (thread_call_record *)realloc(cs->stack, cs->allocated_length * sizeof(thread_call_record));
}
thread_call_record *newRecord = &cs->stack[nextIndex];
newRecord->self = _self;
newRecord->cls = _cls;
newRecord->cmd = _cmd;
newRecord->lr = lr;
if (nextIndex > 0) {
newRecord->caller_record = cs->stack;
}
if (cs->is_main_thread && _call_record_enabled) {
struct timeval now;
gettimeofday(&now, NULL);
newRecord->time = (now.tv_sec % 100) * 1000000 + now.tv_usec;
}
}
}
static inline uintptr_t pop_call_record() {
thread_call_stack *cs = get_thread_call_stack();
int curIndex = cs->index;
int nextIndex = cs->index--;
thread_call_record *pRecord = &cs->stack[nextIndex];
if (cs->is_main_thread && _call_record_enabled) {
struct timeval now;
gettimeofday(&now, NULL);
uint64_t time = (now.tv_sec % 100) * 1000000 + now.tv_usec;
if (time < pRecord->time) {
time += 100 * 1000000;
}
uint64_t cost = time - pRecord->time;
if (cost > _min_time_cost && cs->index < _max_call_depth) {
if (!_smCallRecords) {
_smRecordAlloc = 1024;
_smCallRecords = malloc(sizeof(smCallRecord) * _smRecordAlloc);
}
_smRecordNum++;
if (_smRecordNum >= _smRecordAlloc) {
_smRecordAlloc += 1024;
_smCallRecords = realloc(_smCallRecords, sizeof(smCallRecord) * _smRecordAlloc);
}
smCallRecord *log = &_smCallRecords[_smRecordNum - 1];
log->cls = pRecord->cls;
log->depth = curIndex;
log->sel = pRecord->cmd;
log->time = cost;
log->lr = pRecord->lr;
if (pRecord->caller_record != NULL) {
smCallRecord *caller_record = (smCallRecord *)malloc(sizeof(smCallRecord));
caller_record->cls = pRecord->caller_record->cls;
caller_record->sel = pRecord->caller_record->cmd;
caller_record->lr = pRecord->caller_record->lr;
log->caller_record = caller_record;
}
}
}
return pRecord->lr;
}
void before_objc_msgSend(id self, SEL _cmd, uintptr_t lr) {
push_call_record(self, object_getClass(self), _cmd, lr);
}
uintptr_t after_objc_msgSend() {
return pop_call_record();
}
//replacement objc_msgSend (arm64)
// https://blog.nelhage.com/2010/10/amd64-and-va_arg/
// http://infocenter.arm.com/help/topic/com.arm.doc.ihi0055b/IHI0055B_aapcs64.pdf
// https://developer.apple.com/library/ios/documentation/Xcode/Conceptual/iPhoneOSABIReference/Articles/ARM64FunctionCallingConventions.html
#define call(b, value) \
__asm volatile ("stp x8, x9, [sp, #-16]!\n"); \
__asm volatile ("mov x12, %0\n" :: "r"(value)); \
__asm volatile ("ldp x8, x9, [sp], #16\n"); \
__asm volatile (#b " x12\n");
#define save() \
__asm volatile ( \
"stp x8, x9, [sp, #-16]!\n" \
"stp x6, x7, [sp, #-16]!\n" \
"stp x4, x5, [sp, #-16]!\n" \
"stp x2, x3, [sp, #-16]!\n" \
"stp x0, x1, [sp, #-16]!\n");
#define load() \
__asm volatile ( \
"ldp x0, x1, [sp], #16\n" \
"ldp x2, x3, [sp], #16\n" \
"ldp x4, x5, [sp], #16\n" \
"ldp x6, x7, [sp], #16\n" \
"ldp x8, x9, [sp], #16\n" );
#define link(b, value) \
__asm volatile ("stp x8, lr, [sp, #-16]!\n"); \
__asm volatile ("sub sp, sp, #16\n"); \
call(b, value); \
__asm volatile ("add sp, sp, #16\n"); \
__asm volatile ("ldp x8, lr, [sp], #16\n");
#define ret() __asm volatile ("ret\n");
__attribute__((__naked__))
static void hook_Objc_msgSend() {
// Save parameters.
save()
__asm volatile ("mov x2, lr\n");
__asm volatile ("mov x3, x4\n");
// Call our before_objc_msgSend.
call(blr, &before_objc_msgSend)
// Load parameters.
load()
// Call through to the original objc_msgSend.
call(blr, orig_objc_msgSend)
// Save original objc_msgSend return value.
save()
// Call our after_objc_msgSend.
call(blr, &after_objc_msgSend)
// restore lr
__asm volatile ("mov lr, x0\n");
// Load original objc_msgSend return value.
load()
// return
ret()
}
#pragma mark public
void smCallTraceStart() {
_call_record_enabled = true;
static dispatch_once_t onceToken;
dispatch_once(&onceToken, ^{
pthread_key_create(&_thread_key, &release_thread_call_stack);
rebind_symbols((struct rebinding[6]){
{"objc_msgSend", (void *)hook_Objc_msgSend, (void **)&orig_objc_msgSend},
}, 1);
});
}
void smCallTraceStop() {
_call_record_enabled = false;
}
void smCallConfigMinTime(uint64_t us) {
_min_time_cost = us;
}
void smCallConfigMaxDepth(int depth) {
_max_call_depth = depth;
}
smCallRecord *smGetCallRecords(int *num) {
if (num) {
*num = _smRecordNum;
}
return _smCallRecords;
}
void smClearCallRecords() {
if (_smCallRecords) {
free(_smCallRecords);
_smCallRecords = NULL;
}
_smRecordNum = 0;
}
#else
void smCallTraceStart() {}
void smCallTraceStop() {}
void smCallConfigMinTime(uint64_t us) {
}
void smCallConfigMaxDepth(int depth) {
}
smCallRecord *smGetCallRecords(int *num) {
if (num) {
*num = 0;
}
return NULL;
}
void smClearCallRecords() {}
#endif