There are still lots of kinks to iron out of this, but it gets some of the
basic plumbing in place for symbolizing. Particularly, we're not at all
yet addressing the overlays in the capture which will be needed to do some
handling of Flatpak/Podman processes.
Basic build-id/file-inode checks are done, but we just return NULL in those
cases (unlike previously in Sysprof where we would say "Inode Mismatch". In
those cases the fallback path is hit now which will just give a file path
plus instruction-pointer offset. We can show more details though in the
future now that we have more objects to represent things.
We want to know the inode of the FD that was mmaped so that we can check
the requested inode when processing the address map from a particular
process.
We still want to load it into the cache as it could get used by other
symbols/mmap regions, but don't return the ELF if it won't match an inode
or build-id check. Rely on other fallbacks to create fallback symbols
for those use cases.
We do need to at least translate the path to what we would want to see
from the host system before inserting/resolving, so that we don't risk
collisions in the cache.
In podman (at least with toolbox) it appears to give access to home via
/var/run/host/home/ so we don't need to translate home paths at all.
However, Flatpak does not give you home access via that path so we just
have to hope that we have access to $HOME from whatever application
mount namespace we're running from. That means to do symbolizing in a
Flatpak app you'd likely need --filesystem=host to be useful.
This is the description of the field in fstab(5) so we want to match that
so it's a bit more clear what we're keying off of when translating to a
mount device we can access on the host.
This acts somewhat like g_file_get_relative_path() in that if it is not a
subdirectory of the parent, NULL is returned. Otherwise the relative path
is returned. We can just dive into the substring instead of copying which
is a bonus point.
We need to separate a number of concerns here, such as debug-dirs within
the process namespace vs global debug-dirs (external symbols on a developer
workstation vs IoT/Laptop/VM/alternate-device).
That means we need to be able to resolve paths via the mount namespace of
the process as it was seen in the capture file.
Additionally, we need to follow .gnu_debuglink section headers so that we
can associate the version with symbols with the ELF that is loaded from
the processes SysprofAddressLayout.
This at least gives more visibility into what location of the file is
being executed. That way you can separate different parts of the file
rather than one giant "this file" so long as we could unwind successfully.
Additionally this reduces some GHashTable lookup costs by doing it once
for the process-info per-traceable rather than one per instruction pointer
per traceable.
This does a simple binary search across the parsed kallsyms using the
addresses we've parsed. We need to be sure we've created the array properly
so that our bounds checking will prevent infinite loops in the tight
binary search loop.
Compressed, this adds about 2.5mb to the capture file for the contents of
the kallsyms. However, that is useful so that we can decode kernel symbols
after the fact without relying on __symbols__ to be tacked on by the
recording machine.
This adds an O(1) check at the head of the lookup to avoid looking at
every RB_RIGHT() in the tree when address falls beyond the upper bound of
the interval tree.
This instead moves to a public API on the document to symbolize now
that we've gotten much of the necessary bits private in loading the
document. This commit ensures that we only do loading via the loader
now (and removes the incorrect use from the tests so they too go
through the loader).
We check for NoSymbolizer in document symbols so that we can skip any
decoding. That keeps various use cases fast where you don't want to
waste time on symbolizing if you don't need to look at symbols.
There is plenty more we can do to batch decode symbols with some more
API changes, but that will come after we have kernel/userland decoding
integrated from this library.
We may still want to get all symbols into a single symbol cache, but
given that we have address ranges associated with them, that may not
be very useful beyond the hashtable to pid-specific cache we have now.
If symbols were shared between processes, that'd make more sense, but
we aren't doing that (albeit strings are shared between symbol
instances to reduce that overhead).
We will want to start embedding this content in the capture file (but
after gzipping it as it's otherwise quite large). This will get things in
place so that we can parse that .gz file into the address ranges and
decode symbols found within the capture file.
