debugger.cpp revision 1e980b6bc8315d00a07312b25486531247abd98c
1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in 12 * the documentation and/or other materials provided with the 13 * distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 16 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 17 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 18 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 19 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 21 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 22 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 23 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 24 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 25 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29#include "linker.h" 30 31#include <stdio.h> 32#include <stdlib.h> 33#include <unistd.h> 34#include <signal.h> 35#include <sys/prctl.h> 36#include <errno.h> 37#include <sys/socket.h> 38#include <sys/un.h> 39 40#include <private/debug_format.h> 41#include <private/logd.h> 42 43extern "C" int tgkill(int tgid, int tid, int sig); 44 45#define DEBUGGER_SOCKET_NAME "android:debuggerd" 46 47enum debugger_action_t { 48 // dump a crash 49 DEBUGGER_ACTION_CRASH, 50 // dump a tombstone file 51 DEBUGGER_ACTION_DUMP_TOMBSTONE, 52 // dump a backtrace only back to the socket 53 DEBUGGER_ACTION_DUMP_BACKTRACE, 54}; 55 56/* message sent over the socket */ 57struct debugger_msg_t { 58 debugger_action_t action; 59 pid_t tid; 60}; 61 62// see man(2) prctl, specifically the section about PR_GET_NAME 63#define MAX_TASK_NAME_LEN (16) 64 65static int socket_abstract_client(const char* name, int type) { 66 sockaddr_un addr; 67 68 // Test with length +1 for the *initial* '\0'. 69 size_t namelen = strlen(name); 70 if ((namelen + 1) > sizeof(addr.sun_path)) { 71 errno = EINVAL; 72 return -1; 73 } 74 75 /* This is used for abstract socket namespace, we need 76 * an initial '\0' at the start of the Unix socket path. 77 * 78 * Note: The path in this case is *not* supposed to be 79 * '\0'-terminated. ("man 7 unix" for the gory details.) 80 */ 81 memset(&addr, 0, sizeof(addr)); 82 addr.sun_family = AF_LOCAL; 83 addr.sun_path[0] = 0; 84 memcpy(addr.sun_path + 1, name, namelen); 85 86 socklen_t alen = namelen + offsetof(sockaddr_un, sun_path) + 1; 87 88 int s = socket(AF_LOCAL, type, 0); 89 if (s == -1) { 90 return -1; 91 } 92 93 int err = TEMP_FAILURE_RETRY(connect(s, (sockaddr*) &addr, alen)); 94 if (err == -1) { 95 close(s); 96 s = -1; 97 } 98 99 return s; 100} 101 102/* 103 * Writes a summary of the signal to the log file. We do this so that, if 104 * for some reason we're not able to contact debuggerd, there is still some 105 * indication of the failure in the log. 106 * 107 * We could be here as a result of native heap corruption, or while a 108 * mutex is being held, so we don't want to use any libc functions that 109 * could allocate memory or hold a lock. 110 */ 111static void logSignalSummary(int signum, const siginfo_t* info) { 112 const char* signame; 113 switch (signum) { 114 case SIGILL: signame = "SIGILL"; break; 115 case SIGABRT: signame = "SIGABRT"; break; 116 case SIGBUS: signame = "SIGBUS"; break; 117 case SIGFPE: signame = "SIGFPE"; break; 118 case SIGSEGV: signame = "SIGSEGV"; break; 119#if defined(SIGSTKFLT) 120 case SIGSTKFLT: signame = "SIGSTKFLT"; break; 121#endif 122 case SIGPIPE: signame = "SIGPIPE"; break; 123 default: signame = "???"; break; 124 } 125 126 char threadname[MAX_TASK_NAME_LEN + 1]; // one more for termination 127 if (prctl(PR_GET_NAME, (unsigned long)threadname, 0, 0, 0) != 0) { 128 strcpy(threadname, "<name unknown>"); 129 } else { 130 // short names are null terminated by prctl, but the manpage 131 // implies that 16 byte names are not. 132 threadname[MAX_TASK_NAME_LEN] = 0; 133 } 134 135 char buffer[128]; 136 // "info" will be NULL if the siginfo_t information was not available. 137 if (info != NULL) { 138 __libc_format_buffer(buffer, sizeof(buffer), 139 "Fatal signal %d (%s) at 0x%08x (code=%d), thread %d (%s)", 140 signum, signame, reinterpret_cast<uintptr_t>(info->si_addr), 141 info->si_code, gettid(), threadname); 142 } else { 143 __libc_format_buffer(buffer, sizeof(buffer), 144 "Fatal signal %d (%s), thread %d (%s)", 145 signum, signame, gettid(), threadname); 146 } 147 148 __libc_android_log_write(ANDROID_LOG_FATAL, "libc", buffer); 149} 150 151/* 152 * Returns true if the handler for signal "signum" has SA_SIGINFO set. 153 */ 154static bool haveSiginfo(int signum) { 155 struct sigaction oldact, newact; 156 157 memset(&newact, 0, sizeof(newact)); 158 newact.sa_handler = SIG_DFL; 159 newact.sa_flags = SA_RESTART; 160 sigemptyset(&newact.sa_mask); 161 162 if (sigaction(signum, &newact, &oldact) < 0) { 163 __libc_android_log_write(ANDROID_LOG_FATAL, "libc", 164 "Failed testing for SA_SIGINFO"); 165 return 0; 166 } 167 bool ret = (oldact.sa_flags & SA_SIGINFO) != 0; 168 169 if (sigaction(signum, &oldact, NULL) < 0) { 170 __libc_android_log_write(ANDROID_LOG_FATAL, "libc", 171 "Restore failed in test for SA_SIGINFO"); 172 } 173 return ret; 174} 175 176/* 177 * Catches fatal signals so we can ask debuggerd to ptrace us before 178 * we crash. 179 */ 180void debugger_signal_handler(int n, siginfo_t* info, void*) { 181 char msgbuf[128]; 182 183 /* 184 * It's possible somebody cleared the SA_SIGINFO flag, which would mean 185 * our "info" arg holds an undefined value. 186 */ 187 if (!haveSiginfo(n)) { 188 info = NULL; 189 } 190 191 logSignalSummary(n, info); 192 193 pid_t tid = gettid(); 194 int s = socket_abstract_client(DEBUGGER_SOCKET_NAME, SOCK_STREAM); 195 196 if (s >= 0) { 197 /* debugger knows our pid from the credentials on the 198 * local socket but we need to tell it our tid. It 199 * is paranoid and will verify that we are giving a tid 200 * that's actually in our process 201 */ 202 int ret; 203 debugger_msg_t msg; 204 msg.action = DEBUGGER_ACTION_CRASH; 205 msg.tid = tid; 206 ret = TEMP_FAILURE_RETRY(write(s, &msg, sizeof(msg))); 207 if (ret == sizeof(msg)) { 208 /* if the write failed, there is no point to read on 209 * the file descriptor. */ 210 ret = TEMP_FAILURE_RETRY(read(s, &tid, 1)); 211 int saved_errno = errno; 212 notify_gdb_of_libraries(); 213 errno = saved_errno; 214 } 215 216 if (ret < 0) { 217 /* read or write failed -- broken connection? */ 218 __libc_format_buffer(msgbuf, sizeof(msgbuf), 219 "Failed while talking to debuggerd: %s", strerror(errno)); 220 __libc_android_log_write(ANDROID_LOG_FATAL, "libc", msgbuf); 221 } 222 223 close(s); 224 } else { 225 /* socket failed; maybe process ran out of fds */ 226 __libc_format_buffer(msgbuf, sizeof(msgbuf), 227 "Unable to open connection to debuggerd: %s", strerror(errno)); 228 __libc_android_log_write(ANDROID_LOG_FATAL, "libc", msgbuf); 229 } 230 231 /* remove our net so we fault for real when we return */ 232 signal(n, SIG_DFL); 233 234 /* 235 * These signals are not re-thrown when we resume. This means that 236 * crashing due to (say) SIGPIPE doesn't work the way you'd expect it 237 * to. We work around this by throwing them manually. We don't want 238 * to do this for *all* signals because it'll screw up the address for 239 * faults like SIGSEGV. 240 */ 241 switch (n) { 242 case SIGABRT: 243 case SIGFPE: 244 case SIGPIPE: 245#ifdef SIGSTKFLT 246 case SIGSTKFLT: 247#endif 248 (void) tgkill(getpid(), gettid(), n); 249 break; 250 default: // SIGILL, SIGBUS, SIGSEGV 251 break; 252 } 253} 254 255void debugger_init() { 256 struct sigaction act; 257 memset(&act, 0, sizeof(act)); 258 act.sa_sigaction = debugger_signal_handler; 259 act.sa_flags = SA_RESTART | SA_SIGINFO; 260 sigemptyset(&act.sa_mask); 261 262 sigaction(SIGILL, &act, NULL); 263 sigaction(SIGABRT, &act, NULL); 264 sigaction(SIGBUS, &act, NULL); 265 sigaction(SIGFPE, &act, NULL); 266 sigaction(SIGSEGV, &act, NULL); 267#if defined(SIGSTKFLT) 268 sigaction(SIGSTKFLT, &act, NULL); 269#endif 270 sigaction(SIGPIPE, &act, NULL); 271} 272