1// Copyright (c) 2010 Google Inc.
2// All rights reserved.
3//
4// Redistribution and use in source and binary forms, with or without
5// modification, are permitted provided that the following conditions are
6// met:
7//
8//     * Redistributions of source code must retain the above copyright
9// notice, this list of conditions and the following disclaimer.
10//     * Redistributions in binary form must reproduce the above
11// copyright notice, this list of conditions and the following disclaimer
12// in the documentation and/or other materials provided with the
13// distribution.
14//     * Neither the name of Google Inc. nor the names of its
15// contributors may be used to endorse or promote products derived from
16// this software without specific prior written permission.
17//
18// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29
30// stackwalker_arm.cc: arm-specific stackwalker.
31//
32// See stackwalker_arm.h for documentation.
33//
34// Author: Mark Mentovai, Ted Mielczarek, Jim Blandy
35
36#include <vector>
37
38#include "common/scoped_ptr.h"
39#include "google_breakpad/processor/call_stack.h"
40#include "google_breakpad/processor/memory_region.h"
41#include "google_breakpad/processor/source_line_resolver_interface.h"
42#include "google_breakpad/processor/stack_frame_cpu.h"
43#include "processor/cfi_frame_info.h"
44#include "processor/logging.h"
45#include "processor/stackwalker_arm.h"
46
47namespace google_breakpad {
48
49
50StackwalkerARM::StackwalkerARM(const SystemInfo* system_info,
51                               const MDRawContextARM* context,
52                               int fp_register,
53                               MemoryRegion* memory,
54                               const CodeModules* modules,
55                               StackFrameSymbolizer* resolver_helper)
56    : Stackwalker(system_info, memory, modules, resolver_helper),
57      context_(context), fp_register_(fp_register),
58      context_frame_validity_(StackFrameARM::CONTEXT_VALID_ALL) { }
59
60
61StackFrame* StackwalkerARM::GetContextFrame() {
62  if (!context_) {
63    BPLOG(ERROR) << "Can't get context frame without context";
64    return NULL;
65  }
66
67  StackFrameARM* frame = new StackFrameARM();
68
69  // The instruction pointer is stored directly in a register (r15), so pull it
70  // straight out of the CPU context structure.
71  frame->context = *context_;
72  frame->context_validity = context_frame_validity_;
73  frame->trust = StackFrame::FRAME_TRUST_CONTEXT;
74  frame->instruction = frame->context.iregs[MD_CONTEXT_ARM_REG_PC];
75
76  return frame;
77}
78
79StackFrameARM* StackwalkerARM::GetCallerByCFIFrameInfo(
80    const vector<StackFrame*> &frames,
81    CFIFrameInfo* cfi_frame_info) {
82  StackFrameARM* last_frame = static_cast<StackFrameARM*>(frames.back());
83
84  static const char* register_names[] = {
85    "r0",  "r1",  "r2",  "r3",  "r4",  "r5",  "r6",  "r7",
86    "r8",  "r9",  "r10", "r11", "r12", "sp",  "lr",  "pc",
87    "f0",  "f1",  "f2",  "f3",  "f4",  "f5",  "f6",  "f7",
88    "fps", "cpsr",
89    NULL
90  };
91
92  // Populate a dictionary with the valid register values in last_frame.
93  CFIFrameInfo::RegisterValueMap<uint32_t> callee_registers;
94  for (int i = 0; register_names[i]; i++)
95    if (last_frame->context_validity & StackFrameARM::RegisterValidFlag(i))
96      callee_registers[register_names[i]] = last_frame->context.iregs[i];
97
98  // Use the STACK CFI data to recover the caller's register values.
99  CFIFrameInfo::RegisterValueMap<uint32_t> caller_registers;
100  if (!cfi_frame_info->FindCallerRegs(callee_registers, *memory_,
101                                      &caller_registers))
102    return NULL;
103
104  // Construct a new stack frame given the values the CFI recovered.
105  scoped_ptr<StackFrameARM> frame(new StackFrameARM());
106  for (int i = 0; register_names[i]; i++) {
107    CFIFrameInfo::RegisterValueMap<uint32_t>::iterator entry =
108      caller_registers.find(register_names[i]);
109    if (entry != caller_registers.end()) {
110      // We recovered the value of this register; fill the context with the
111      // value from caller_registers.
112      frame->context_validity |= StackFrameARM::RegisterValidFlag(i);
113      frame->context.iregs[i] = entry->second;
114    } else if (4 <= i && i <= 11 && (last_frame->context_validity &
115                                     StackFrameARM::RegisterValidFlag(i))) {
116      // If the STACK CFI data doesn't mention some callee-saves register, and
117      // it is valid in the callee, assume the callee has not yet changed it.
118      // Registers r4 through r11 are callee-saves, according to the Procedure
119      // Call Standard for the ARM Architecture, which the Linux ABI follows.
120      frame->context_validity |= StackFrameARM::RegisterValidFlag(i);
121      frame->context.iregs[i] = last_frame->context.iregs[i];
122    }
123  }
124  // If the CFI doesn't recover the PC explicitly, then use .ra.
125  if (!(frame->context_validity & StackFrameARM::CONTEXT_VALID_PC)) {
126    CFIFrameInfo::RegisterValueMap<uint32_t>::iterator entry =
127      caller_registers.find(".ra");
128    if (entry != caller_registers.end()) {
129      if (fp_register_ == -1) {
130        frame->context_validity |= StackFrameARM::CONTEXT_VALID_PC;
131        frame->context.iregs[MD_CONTEXT_ARM_REG_PC] = entry->second;
132      } else {
133        // The CFI updated the link register and not the program counter.
134        // Handle getting the program counter from the link register.
135        frame->context_validity |= StackFrameARM::CONTEXT_VALID_PC;
136        frame->context_validity |= StackFrameARM::CONTEXT_VALID_LR;
137        frame->context.iregs[MD_CONTEXT_ARM_REG_LR] = entry->second;
138        frame->context.iregs[MD_CONTEXT_ARM_REG_PC] =
139            last_frame->context.iregs[MD_CONTEXT_ARM_REG_LR];
140      }
141    }
142  }
143  // If the CFI doesn't recover the SP explicitly, then use .cfa.
144  if (!(frame->context_validity & StackFrameARM::CONTEXT_VALID_SP)) {
145    CFIFrameInfo::RegisterValueMap<uint32_t>::iterator entry =
146      caller_registers.find(".cfa");
147    if (entry != caller_registers.end()) {
148      frame->context_validity |= StackFrameARM::CONTEXT_VALID_SP;
149      frame->context.iregs[MD_CONTEXT_ARM_REG_SP] = entry->second;
150    }
151  }
152
153  // If we didn't recover the PC and the SP, then the frame isn't very useful.
154  static const int essentials = (StackFrameARM::CONTEXT_VALID_SP
155                                 | StackFrameARM::CONTEXT_VALID_PC);
156  if ((frame->context_validity & essentials) != essentials)
157    return NULL;
158
159  frame->trust = StackFrame::FRAME_TRUST_CFI;
160  return frame.release();
161}
162
163StackFrameARM* StackwalkerARM::GetCallerByStackScan(
164    const vector<StackFrame*> &frames) {
165  StackFrameARM* last_frame = static_cast<StackFrameARM*>(frames.back());
166  uint32_t last_sp = last_frame->context.iregs[MD_CONTEXT_ARM_REG_SP];
167  uint32_t caller_sp, caller_pc;
168
169  if (!ScanForReturnAddress(last_sp, &caller_sp, &caller_pc,
170                            frames.size() == 1 /* is_context_frame */)) {
171    // No plausible return address was found.
172    return NULL;
173  }
174
175  // ScanForReturnAddress found a reasonable return address. Advance
176  // %sp to the location above the one where the return address was
177  // found.
178  caller_sp += 4;
179
180  // Create a new stack frame (ownership will be transferred to the caller)
181  // and fill it in.
182  StackFrameARM* frame = new StackFrameARM();
183
184  frame->trust = StackFrame::FRAME_TRUST_SCAN;
185  frame->context = last_frame->context;
186  frame->context.iregs[MD_CONTEXT_ARM_REG_PC] = caller_pc;
187  frame->context.iregs[MD_CONTEXT_ARM_REG_SP] = caller_sp;
188  frame->context_validity = StackFrameARM::CONTEXT_VALID_PC |
189                            StackFrameARM::CONTEXT_VALID_SP;
190
191  return frame;
192}
193
194StackFrameARM* StackwalkerARM::GetCallerByFramePointer(
195    const vector<StackFrame*> &frames) {
196  StackFrameARM* last_frame = static_cast<StackFrameARM*>(frames.back());
197
198  if (!(last_frame->context_validity &
199        StackFrameARM::RegisterValidFlag(fp_register_))) {
200    return NULL;
201  }
202
203  uint32_t last_fp = last_frame->context.iregs[fp_register_];
204
205  uint32_t caller_fp = 0;
206  if (last_fp && !memory_->GetMemoryAtAddress(last_fp, &caller_fp)) {
207    BPLOG(ERROR) << "Unable to read caller_fp from last_fp: 0x"
208                 << std::hex << last_fp;
209    return NULL;
210  }
211
212  uint32_t caller_lr = 0;
213  if (last_fp && !memory_->GetMemoryAtAddress(last_fp + 4, &caller_lr)) {
214    BPLOG(ERROR) << "Unable to read caller_lr from last_fp + 4: 0x"
215                 << std::hex << (last_fp + 4);
216    return NULL;
217  }
218
219  uint32_t caller_sp = last_fp ? last_fp + 8 :
220      last_frame->context.iregs[MD_CONTEXT_ARM_REG_SP];
221
222  // Create a new stack frame (ownership will be transferred to the caller)
223  // and fill it in.
224  StackFrameARM* frame = new StackFrameARM();
225
226  frame->trust = StackFrame::FRAME_TRUST_FP;
227  frame->context = last_frame->context;
228  frame->context.iregs[fp_register_] = caller_fp;
229  frame->context.iregs[MD_CONTEXT_ARM_REG_SP] = caller_sp;
230  frame->context.iregs[MD_CONTEXT_ARM_REG_PC] =
231      last_frame->context.iregs[MD_CONTEXT_ARM_REG_LR];
232  frame->context.iregs[MD_CONTEXT_ARM_REG_LR] = caller_lr;
233  frame->context_validity = StackFrameARM::CONTEXT_VALID_PC |
234                            StackFrameARM::CONTEXT_VALID_LR |
235                            StackFrameARM::RegisterValidFlag(fp_register_) |
236                            StackFrameARM::CONTEXT_VALID_SP;
237  return frame;
238}
239
240StackFrame* StackwalkerARM::GetCallerFrame(const CallStack* stack,
241                                           bool stack_scan_allowed) {
242  if (!memory_ || !stack) {
243    BPLOG(ERROR) << "Can't get caller frame without memory or stack";
244    return NULL;
245  }
246
247  const vector<StackFrame*> &frames = *stack->frames();
248  StackFrameARM* last_frame = static_cast<StackFrameARM*>(frames.back());
249  scoped_ptr<StackFrameARM> frame;
250
251  // See if there is DWARF call frame information covering this address.
252  scoped_ptr<CFIFrameInfo> cfi_frame_info(
253      frame_symbolizer_->FindCFIFrameInfo(last_frame));
254  if (cfi_frame_info.get())
255    frame.reset(GetCallerByCFIFrameInfo(frames, cfi_frame_info.get()));
256
257  // If CFI failed, or there wasn't CFI available, fall back
258  // to frame pointer, if this is configured.
259  if (fp_register_ >= 0 && !frame.get())
260    frame.reset(GetCallerByFramePointer(frames));
261
262  // If everuthing failed, fall back to stack scanning.
263  if (stack_scan_allowed && !frame.get())
264    frame.reset(GetCallerByStackScan(frames));
265
266  // If nothing worked, tell the caller.
267  if (!frame.get())
268    return NULL;
269
270
271  // An instruction address of zero marks the end of the stack.
272  if (frame->context.iregs[MD_CONTEXT_ARM_REG_PC] == 0)
273    return NULL;
274
275  // If the new stack pointer is at a lower address than the old, then
276  // that's clearly incorrect. Treat this as end-of-stack to enforce
277  // progress and avoid infinite loops.
278  if (frame->context.iregs[MD_CONTEXT_ARM_REG_SP]
279      < last_frame->context.iregs[MD_CONTEXT_ARM_REG_SP])
280    return NULL;
281
282  // The new frame's context's PC is the return address, which is one
283  // instruction past the instruction that caused us to arrive at the
284  // callee. Set new_frame->instruction to one less than the PC. This won't
285  // reference the beginning of the call instruction, but it's at least
286  // within it, which is sufficient to get the source line information to
287  // match up with the line that contains the function call. Callers that
288  // require the exact return address value may access
289  // frame->context.iregs[MD_CONTEXT_ARM_REG_PC].
290  frame->instruction = frame->context.iregs[MD_CONTEXT_ARM_REG_PC] - 2;
291
292  return frame.release();
293}
294
295
296}  // namespace google_breakpad
297