debugger.cpp revision d23736e4f228e46304b7cbc674a1d0094d73e0f5 
1/*
2 * Copyright (C) 2008 The Android Open Source Project
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *  * Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 *  * Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in
12 *    the documentation and/or other materials provided with the
13 *    distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29#include "linker.h"
30#include "linker_format.h"
31
32#include <stdio.h>
33#include <stdlib.h>
34#include <unistd.h>
35#include <signal.h>
36#include <sys/prctl.h>
37#include <errno.h>
38#include <sys/socket.h>
39#include <sys/un.h>
40
41#include <private/logd.h>
42
43extern "C" int tgkill(int tgid, int tid, int sig);
44
45#define DEBUGGER_SOCKET_NAME "android:debuggerd"
46
47enum debugger_action_t {
48    // dump a crash
49    DEBUGGER_ACTION_CRASH,
50    // dump a tombstone file
51    DEBUGGER_ACTION_DUMP_TOMBSTONE,
52    // dump a backtrace only back to the socket
53    DEBUGGER_ACTION_DUMP_BACKTRACE,
54};
55
56/* message sent over the socket */
57struct debugger_msg_t {
58    debugger_action_t action;
59    pid_t tid;
60};
61
62// see man(2) prctl, specifically the section about PR_GET_NAME
63#define MAX_TASK_NAME_LEN (16)
64
65static int socket_abstract_client(const char* name, int type) {
66    sockaddr_un addr;
67
68    // Test with length +1 for the *initial* '\0'.
69    size_t namelen = strlen(name);
70    if ((namelen + 1) > sizeof(addr.sun_path)) {
71        errno = EINVAL;
72        return -1;
73    }
74
75    /* This is used for abstract socket namespace, we need
76     * an initial '\0' at the start of the Unix socket path.
77     *
78     * Note: The path in this case is *not* supposed to be
79     * '\0'-terminated. ("man 7 unix" for the gory details.)
80     */
81    memset(&addr, 0, sizeof(addr));
82    addr.sun_family = AF_LOCAL;
83    addr.sun_path[0] = 0;
84    memcpy(addr.sun_path + 1, name, namelen);
85
86    socklen_t alen = namelen + offsetof(sockaddr_un, sun_path) + 1;
87
88    int s = socket(AF_LOCAL, type, 0);
89    if (s == -1) {
90        return -1;
91    }
92
93    int err = TEMP_FAILURE_RETRY(connect(s, (sockaddr*) &addr, alen));
94    if (err == -1) {
95        close(s);
96        s = -1;
97    }
98
99    return s;
100}
101
102/*
103 * Writes a summary of the signal to the log file.  We do this so that, if
104 * for some reason we're not able to contact debuggerd, there is still some
105 * indication of the failure in the log.
106 *
107 * We could be here as a result of native heap corruption, or while a
108 * mutex is being held, so we don't want to use any libc functions that
109 * could allocate memory or hold a lock.
110 */
111static void logSignalSummary(int signum, const siginfo_t* info) {
112    const char* signame;
113    switch (signum) {
114        case SIGILL:    signame = "SIGILL";     break;
115        case SIGABRT:   signame = "SIGABRT";    break;
116        case SIGBUS:    signame = "SIGBUS";     break;
117        case SIGFPE:    signame = "SIGFPE";     break;
118        case SIGSEGV:   signame = "SIGSEGV";    break;
119#if defined(SIGSTKFLT)
120        case SIGSTKFLT: signame = "SIGSTKFLT";  break;
121#endif
122        case SIGPIPE:   signame = "SIGPIPE";    break;
123        default:        signame = "???";        break;
124    }
125
126    char threadname[MAX_TASK_NAME_LEN + 1]; // one more for termination
127    if (prctl(PR_GET_NAME, (unsigned long)threadname, 0, 0, 0) != 0) {
128        strcpy(threadname, "<name unknown>");
129    } else {
130        // short names are null terminated by prctl, but the manpage
131        // implies that 16 byte names are not.
132        threadname[MAX_TASK_NAME_LEN] = 0;
133    }
134
135    char buffer[128];
136    // "info" will be NULL if the siginfo_t information was not available.
137    if (info != NULL) {
138        format_buffer(buffer, sizeof(buffer),
139            "Fatal signal %d (%s) at 0x%08x (code=%d), thread %d (%s)",
140            signum, signame, info->si_addr, info->si_code, gettid(), threadname);
141    } else {
142        format_buffer(buffer, sizeof(buffer),
143            "Fatal signal %d (%s), thread %d (%s)",
144            signum, signame, gettid(), threadname);
145    }
146
147    __libc_android_log_write(ANDROID_LOG_FATAL, "libc", buffer);
148}
149
150/*
151 * Returns true if the handler for signal "signum" has SA_SIGINFO set.
152 */
153static bool haveSiginfo(int signum) {
154    struct sigaction oldact, newact;
155
156    memset(&newact, 0, sizeof(newact));
157    newact.sa_handler = SIG_DFL;
158    newact.sa_flags = SA_RESTART;
159    sigemptyset(&newact.sa_mask);
160
161    if (sigaction(signum, &newact, &oldact) < 0) {
162        __libc_android_log_write(ANDROID_LOG_FATAL, "libc",
163            "Failed testing for SA_SIGINFO");
164        return 0;
165    }
166    bool ret = (oldact.sa_flags & SA_SIGINFO) != 0;
167
168    if (sigaction(signum, &oldact, NULL) < 0) {
169        __libc_android_log_write(ANDROID_LOG_FATAL, "libc",
170            "Restore failed in test for SA_SIGINFO");
171    }
172    return ret;
173}
174
175/*
176 * Catches fatal signals so we can ask debuggerd to ptrace us before
177 * we crash.
178 */
179void debugger_signal_handler(int n, siginfo_t* info, void*) {
180    char msgbuf[128];
181
182    /*
183     * It's possible somebody cleared the SA_SIGINFO flag, which would mean
184     * our "info" arg holds an undefined value.
185     */
186    if (!haveSiginfo(n)) {
187        info = NULL;
188    }
189
190    logSignalSummary(n, info);
191
192    pid_t tid = gettid();
193    int s = socket_abstract_client(DEBUGGER_SOCKET_NAME, SOCK_STREAM);
194
195    if (s >= 0) {
196        /* debugger knows our pid from the credentials on the
197         * local socket but we need to tell it our tid.  It
198         * is paranoid and will verify that we are giving a tid
199         * that's actually in our process
200         */
201        int  ret;
202        debugger_msg_t msg;
203        msg.action = DEBUGGER_ACTION_CRASH;
204        msg.tid = tid;
205        ret = TEMP_FAILURE_RETRY(write(s, &msg, sizeof(msg)));
206        if (ret == sizeof(msg)) {
207            /* if the write failed, there is no point to read on
208             * the file descriptor. */
209            ret = TEMP_FAILURE_RETRY(read(s, &tid, 1));
210            int saved_errno = errno;
211            notify_gdb_of_libraries();
212            errno = saved_errno;
213        }
214
215        if (ret < 0) {
216            /* read or write failed -- broken connection? */
217            format_buffer(msgbuf, sizeof(msgbuf),
218                "Failed while talking to debuggerd: %s", strerror(errno));
219            __libc_android_log_write(ANDROID_LOG_FATAL, "libc", msgbuf);
220        }
221
222        close(s);
223    } else {
224        /* socket failed; maybe process ran out of fds */
225        format_buffer(msgbuf, sizeof(msgbuf),
226            "Unable to open connection to debuggerd: %s", strerror(errno));
227        __libc_android_log_write(ANDROID_LOG_FATAL, "libc", msgbuf);
228    }
229
230    /* remove our net so we fault for real when we return */
231    signal(n, SIG_DFL);
232
233    /*
234     * These signals are not re-thrown when we resume.  This means that
235     * crashing due to (say) SIGPIPE doesn't work the way you'd expect it
236     * to.  We work around this by throwing them manually.  We don't want
237     * to do this for *all* signals because it'll screw up the address for
238     * faults like SIGSEGV.
239     */
240    switch (n) {
241        case SIGABRT:
242        case SIGFPE:
243        case SIGPIPE:
244#ifdef SIGSTKFLT
245        case SIGSTKFLT:
246#endif
247            (void) tgkill(getpid(), gettid(), n);
248            break;
249        default:    // SIGILL, SIGBUS, SIGSEGV
250            break;
251    }
252}
253
254void debugger_init() {
255    struct sigaction act;
256    memset(&act, 0, sizeof(act));
257    act.sa_sigaction = debugger_signal_handler;
258    act.sa_flags = SA_RESTART | SA_SIGINFO;
259    sigemptyset(&act.sa_mask);
260
261    sigaction(SIGILL, &act, NULL);
262    sigaction(SIGABRT, &act, NULL);
263    sigaction(SIGBUS, &act, NULL);
264    sigaction(SIGFPE, &act, NULL);
265    sigaction(SIGSEGV, &act, NULL);
266#if defined(SIGSTKFLT)
267    sigaction(SIGSTKFLT, &act, NULL);
268#endif
269    sigaction(SIGPIPE, &act, NULL);
270}
271