debugger.cpp revision 17e6a98b48c4f228adb37c8d37bbf71dd2a1c513
1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in 12 * the documentation and/or other materials provided with the 13 * distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 16 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 18 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 19 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 21 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 22 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 23 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 24 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 25 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29#include "linker.h" 30 31#include <errno.h> 32#include <inttypes.h> 33#include <signal.h> 34#include <stdio.h> 35#include <stdlib.h> 36#include <sys/mman.h> 37#include <sys/prctl.h> 38#include <sys/socket.h> 39#include <sys/un.h> 40#include <unistd.h> 41 42extern "C" int tgkill(int tgid, int tid, int sig); 43 44#if __LP64__ 45#define DEBUGGER_SOCKET_NAME "android:debuggerd64" 46#else 47#define DEBUGGER_SOCKET_NAME "android:debuggerd" 48#endif 49 50enum debugger_action_t { 51 // dump a crash 52 DEBUGGER_ACTION_CRASH, 53 // dump a tombstone file 54 DEBUGGER_ACTION_DUMP_TOMBSTONE, 55 // dump a backtrace only back to the socket 56 DEBUGGER_ACTION_DUMP_BACKTRACE, 57}; 58 59/* message sent over the socket */ 60struct debugger_msg_t { 61 // version 1 included: 62 debugger_action_t action; 63 pid_t tid; 64 65 // version 2 added: 66 uintptr_t abort_msg_address; 67}; 68 69// see man(2) prctl, specifically the section about PR_GET_NAME 70#define MAX_TASK_NAME_LEN (16) 71 72static int socket_abstract_client(const char* name, int type) { 73 sockaddr_un addr; 74 75 // Test with length +1 for the *initial* '\0'. 76 size_t namelen = strlen(name); 77 if ((namelen + 1) > sizeof(addr.sun_path)) { 78 errno = EINVAL; 79 return -1; 80 } 81 82 // This is used for abstract socket namespace, we need 83 // an initial '\0' at the start of the Unix socket path. 84 // 85 // Note: The path in this case is *not* supposed to be 86 // '\0'-terminated. ("man 7 unix" for the gory details.) 87 memset(&addr, 0, sizeof(addr)); 88 addr.sun_family = AF_LOCAL; 89 addr.sun_path[0] = 0; 90 memcpy(addr.sun_path + 1, name, namelen); 91 92 socklen_t alen = namelen + offsetof(sockaddr_un, sun_path) + 1; 93 94 int s = socket(AF_LOCAL, type, 0); 95 if (s == -1) { 96 return -1; 97 } 98 99 int rc = TEMP_FAILURE_RETRY(connect(s, reinterpret_cast<sockaddr*>(&addr), alen)); 100 if (rc == -1) { 101 close(s); 102 return -1; 103 } 104 105 return s; 106} 107 108/* 109 * Writes a summary of the signal to the log file. We do this so that, if 110 * for some reason we're not able to contact debuggerd, there is still some 111 * indication of the failure in the log. 112 * 113 * We could be here as a result of native heap corruption, or while a 114 * mutex is being held, so we don't want to use any libc functions that 115 * could allocate memory or hold a lock. 116 */ 117static void log_signal_summary(int signum, const siginfo_t* info) { 118 const char* signal_name = "???"; 119 bool has_address = false; 120 switch (signum) { 121 case SIGILL: 122 signal_name = "SIGILL"; 123 has_address = true; 124 break; 125 case SIGABRT: 126 signal_name = "SIGABRT"; 127 break; 128 case SIGBUS: 129 signal_name = "SIGBUS"; 130 has_address = true; 131 break; 132 case SIGFPE: 133 signal_name = "SIGFPE"; 134 has_address = true; 135 break; 136 case SIGSEGV: 137 signal_name = "SIGSEGV"; 138 has_address = true; 139 break; 140#if defined(SIGSTKFLT) 141 case SIGSTKFLT: 142 signal_name = "SIGSTKFLT"; 143 break; 144#endif 145 case SIGPIPE: 146 signal_name = "SIGPIPE"; 147 break; 148 } 149 150 char thread_name[MAX_TASK_NAME_LEN + 1]; // one more for termination 151 if (prctl(PR_GET_NAME, (unsigned long)thread_name, 0, 0, 0) != 0) { 152 strcpy(thread_name, "<name unknown>"); 153 } else { 154 // short names are null terminated by prctl, but the man page 155 // implies that 16 byte names are not. 156 thread_name[MAX_TASK_NAME_LEN] = 0; 157 } 158 159 // "info" will be NULL if the siginfo_t information was not available. 160 // Many signals don't have an address or a code. 161 char code_desc[32]; // ", code -6" 162 char addr_desc[32]; // ", fault addr 0x1234" 163 addr_desc[0] = code_desc[0] = 0; 164 if (info != NULL) { 165 // For a rethrown signal, this si_code will be right and the one debuggerd shows will 166 // always be SI_TKILL. 167 snprintf(code_desc, sizeof(code_desc), ", code %d", info->si_code); 168 if (has_address) { 169 snprintf(addr_desc, sizeof(addr_desc), ", fault addr %p", info->si_addr); 170 } 171 } 172 __libc_format_log(ANDROID_LOG_FATAL, "libc", 173 "Fatal signal %d (%s)%s%s in tid %d (%s)", 174 signum, signal_name, code_desc, addr_desc, gettid(), thread_name); 175} 176 177/* 178 * Returns true if the handler for signal "signum" has SA_SIGINFO set. 179 */ 180static bool have_siginfo(int signum) { 181 struct sigaction old_action, new_action; 182 183 memset(&new_action, 0, sizeof(new_action)); 184 new_action.sa_handler = SIG_DFL; 185 new_action.sa_flags = SA_RESTART; 186 sigemptyset(&new_action.sa_mask); 187 188 if (sigaction(signum, &new_action, &old_action) < 0) { 189 __libc_format_log(ANDROID_LOG_WARN, "libc", "Failed testing for SA_SIGINFO: %s", 190 strerror(errno)); 191 return false; 192 } 193 bool result = (old_action.sa_flags & SA_SIGINFO) != 0; 194 195 if (sigaction(signum, &old_action, NULL) == -1) { 196 __libc_format_log(ANDROID_LOG_WARN, "libc", "Restore failed in test for SA_SIGINFO: %s", 197 strerror(errno)); 198 } 199 return result; 200} 201 202/* 203 * Catches fatal signals so we can ask debuggerd to ptrace us before 204 * we crash. 205 */ 206void debuggerd_signal_handler(int signal_number, siginfo_t* info, void*) { 207 // It's possible somebody cleared the SA_SIGINFO flag, which would mean 208 // our "info" arg holds an undefined value. 209 if (!have_siginfo(signal_number)) { 210 info = NULL; 211 } 212 213 log_signal_summary(signal_number, info); 214 215 int s = socket_abstract_client(DEBUGGER_SOCKET_NAME, SOCK_STREAM); 216 if (s != -1) { 217 // debuggerd knows our pid from the credentials on the 218 // local socket but we need to tell it the tid of the crashing thread. 219 // debuggerd will be paranoid and verify that we sent a tid 220 // that's actually in our process. 221 debugger_msg_t msg; 222 msg.action = DEBUGGER_ACTION_CRASH; 223 msg.tid = gettid(); 224 msg.abort_msg_address = reinterpret_cast<uintptr_t>(gAbortMessage); 225 int ret = TEMP_FAILURE_RETRY(write(s, &msg, sizeof(msg))); 226 if (ret == sizeof(msg)) { 227 // If the write failed, there is no point trying to read a response. 228 char debuggerd_ack; 229 ret = TEMP_FAILURE_RETRY(read(s, &debuggerd_ack, 1)); 230 int saved_errno = errno; 231 notify_gdb_of_libraries(); 232 errno = saved_errno; 233 } 234 235 if (ret < 0) { 236 // read or write failed -- broken connection? 237 __libc_format_log(ANDROID_LOG_FATAL, "libc", "Failed while talking to debuggerd: %s", 238 strerror(errno)); 239 } 240 241 close(s); 242 } else { 243 // socket failed; maybe process ran out of fds? 244 __libc_format_log(ANDROID_LOG_FATAL, "libc", "Unable to open connection to debuggerd: %s", 245 strerror(errno)); 246 } 247 248 // Remove our net so we fault for real when we return. 249 signal(signal_number, SIG_DFL); 250 251 // These signals are not re-thrown when we resume. This means that 252 // crashing due to (say) SIGPIPE doesn't work the way you'd expect it 253 // to. We work around this by throwing them manually. We don't want 254 // to do this for *all* signals because it'll screw up the address for 255 // faults like SIGSEGV. 256 switch (signal_number) { 257 case SIGABRT: 258 case SIGFPE: 259 case SIGPIPE: 260#if defined(SIGSTKFLT) 261 case SIGSTKFLT: 262#endif 263 tgkill(getpid(), gettid(), signal_number); 264 break; 265 default: // SIGILL, SIGBUS, SIGSEGV 266 break; 267 } 268} 269 270void debuggerd_init() { 271 struct sigaction action; 272 memset(&action, 0, sizeof(action)); 273 sigemptyset(&action.sa_mask); 274 action.sa_sigaction = debuggerd_signal_handler; 275 action.sa_flags = SA_RESTART | SA_SIGINFO; 276 277 // Use the alternate signal stack if available so we can catch stack overflows. 278 action.sa_flags |= SA_ONSTACK; 279 280 sigaction(SIGABRT, &action, NULL); 281 sigaction(SIGBUS, &action, NULL); 282 sigaction(SIGFPE, &action, NULL); 283 sigaction(SIGILL, &action, NULL); 284 sigaction(SIGPIPE, &action, NULL); 285 sigaction(SIGSEGV, &action, NULL); 286#if defined(SIGSTKFLT) 287 sigaction(SIGSTKFLT, &action, NULL); 288#endif 289 sigaction(SIGTRAP, &action, NULL); 290} 291