Commit Graph

26 Commits

Author SHA1 Message Date
Josh Gao 7c89f9e955 debuggerd: fix several bugs caused by fork/setuid change.
Previously, we weren't PTRACE_ATTACHing to all of the threads of a
process, and we were also trying to do it after forking and dropping
privileges. This patch ensures that all ptrace attaching/detaching
happens in one place, before forking/exiting respectively.

Bug: http://b/26443860
Bug: http://b/26436605
Bug: http://b/26436486
Change-Id: Id94e0c1d9d56c051d0dd281d895aaa3285079198
2016-01-14 15:06:37 -08:00
Christopher Ferris b36b592338 Replace all _LOG error calls with ALOGE.
The debuggerd code sometimes calls _LOG(..., logtype::ERROR, ...)
and sometimes ALOGE(). Standardize on ALOGE since the _LOG message
will wind up in the tombstone in weird places, but using ALOGE
will wind up in the logcat portion of the tombstone.

Bug: 21467089
Change-Id: Ie893f5e91d45b48ef3f5864c3a714e60ac848fb3
2015-07-01 13:23:19 -07:00
Christopher Ferris e8bc77eb84 Refactor dump_memory function.
- Add dumping memory around registers for x86/x86_64.
- Add unit tests for new dump_memory function.
- Cleanup all of the machine.cpp files.
- Increase the high address check for 32 bit, and decrease the high
  address allowed for 64 bit slightly to match mips64.

Bug: 21206576
Change-Id: I6f75141f3282db48b10f7c695a1cf2eb75a08351
2015-05-27 17:21:38 -07:00
Douglas Leung 2ea9a32434 Add backtrace support for mips64.
Change-Id: I12ea2fcbe6780bb596f51988eae1ceafcec858df
2015-03-09 18:43:10 -07:00
Christopher Ferris 1072f917cf Fix debuggerd issues.
- Fix a problem where a tid exits before the attach completes, and it
  causes debuggerd to self terminate.
- Fix a problem where sibling tid dumps do not properly wait for the tid
  to get signalled.

Bug: 17800180
Bug: 12567315

(cherry picked from commit 84ddb34a3a)

Change-Id: I45e33865614d4c96f4a89cf117398666b556d500
2014-11-03 11:26:33 -08:00
Mark Salyzyn 45ae446cab debuggerd: tombstone: suppress logger request for logd process
Change-Id: I619880342ee6febd1a6cc98d2a4f536120efc1c8
2014-07-28 15:16:05 -07:00
Brigid Smith c75a02fe3f Added default constructor for log_t.
Bug: 16357258
Change-Id: I39169b35653d2b717fadbcff75978db01cc375ef
2014-07-17 15:49:39 -07:00
Elliott Hughes b40c50351e Add missing arm64 registers.
Also fix dumping of arm64's vector registers, which are actually 128 bits wide.

Also move the arm/arm64 FP registers to the tombstone. (We've never dumped
them at all for the other architectures.)

Change-Id: I239a86dd225b47fa90109bc824b7610df67ad812
2014-07-14 17:12:20 -07:00
Michael Wright 80f596984e Print ABI in backtraces.
This lets the stack tool figure out which toolchain to use
automatically.

Change-Id: Ia235d6904622423fe6fbc7b0315a1861e52a41ad
2014-06-24 17:14:26 -07:00
Brigid Smith 50eb546ec1 Removed log.quiet and log = NULL cases from debuggerd.
Now the functionality implemented by these semi-confusing cases has been
replaced with the same logtype enum behavior that is easier to
understand, and cases that used log-looking behavior to print to logcat
(when log = NULL) now use the more transparent ALOGE/ALOGD functions.

Change-Id: I7e38f2d4ca74a828df4d2266b3ea34edd3c6f5bb
2014-06-19 10:59:01 -07:00
Brigid Smith 62ba489ba0 Changing how debuggerd filters log messages to different locations.
The system by which debuggerd filters its output to different locations
is now based on an enum called logtype with easy to understand
categories for log messages (like THREAD, MEMORY, etc.) instead of the
old, fairly esoteric scope_flags variable.  Now much of the output that
previously went to logcat does not show up on the screen, but all output
can be found in the tombstone file.  In addition, the tombstone's
location is now printed so it can be located easily.

Bug: 15341747
Change-Id: Ia2f2051d1dfdea934d0e6ed220f24345e35ba6a2
2014-06-16 14:41:21 -07:00
Pavel Chupin c6c194ced0 LP64: Enable debuggerd/libbacktrace/libunwind.
Change-Id: I2e432839f86c33c2adbaac8cc12ca8961956044b
Signed-off-by: Pavel Chupin <pavel.v.chupin@intel.com>
2014-01-30 17:15:24 -08:00
Kévin PETIT 4bb477205a debuggerd: a few generic improvements
This one makes dump_memory reasonably architecture-agnostic so it is
possible to share the code between architectures.

It also includes a few small improvements in tombstone.cpp.

Change-Id: Ib8a9599bfa420b41e80207988e87aee1b9d79541
Signed-off-by: Kévin PETIT <kevin.petit@arm.com>
2014-01-30 15:55:33 -08:00
Christopher Tate 7716aef138 Uploaded native crash dumps do not include memory contents
Also fixed the LOG() macro to actually write to the log again, tracking
the change in _LOG() argument semantics.

Bug 8322568

Change-Id: I79330c85c26d3ffb734315b6d0f2c0bb80bd234a
2013-04-05 16:30:15 -07:00
Christopher Tate ded2e5acfc debuggerd now notifies the Activity Manager about native crashes
The Activity Manager sets up a permission-guarded domain socket, which
debuggerd connects to when a crash happens.  If this is successful,
the daemon then mirrors the logged crash report to that socket, then
closes it.

Bug 8322568

Change-Id: Ife0c772a628ef82e8457094e511ce1edbfe57460
2013-04-01 10:37:24 -07:00
Jeff Brown 053b865412 Enhance native stack dumps.
Provides a new mechanism for dumpstate (while running as root)
to request that debuggerd dump the stacks of native processes that
we care about in bug reports.  In this mode, the backtrace
is formatted to look similar to a Dalvik backtrace.

Moved the tombstone generating code into a separate file to
make it easier to maintain.

Fixed a bug where sometimes the stack traces would be incomplete
because we were not waiting for each thread to stop after issuing
PTRACE_ATTACH, only the main thread.  So sometimes we were missing
traces for some threads.

Refactored the logging code to prevent accidentally writing data
to logcat when explicitly dumping a tombstone or backtrace from the
console.

Only root or system server can request to dump backtraces but
only root can dump tombstones.

Bug: 6615693
Change-Id: Ib3edcc16f9f3a687e414e3f2d250d9500566123b
2012-06-08 13:29:23 -07:00
Jeff Brown f0c5872637 Improve stack unwinder robustness.
Keep track of whether memory maps are readable.  Use the information
in try_get_word to try to avoid accidentally dereferencing an invalid
pointer within the current process.  (Note that I haven't ever
seen that happen during normal unwinding, but it pays to be
a little more careful.)

Refactored try_get_word a little to make it easier to pass it the
needed state for validation checks by way of a little memory_t struct.

Improved how the memory map for the current process is cached.  This is
important because we need up to date information about readable maps.
Use a 5 second cache expiration.

Improved the PC -> LR fallback logic in the unwinder so we can
eke out an extra frame sometimes.

Fixed a bug reading ELF program headers.  The phnum & phentsize
fields are half-words.  We were incorrectly interpreting
phnum as a whole word.

Used android_atomic_* operations carefully in the unwinder
to prevent possible memory races between the dumper and the dumpee.
This was highly unlikely (or even impossible due to the presence
of other barriers along the way) but the code is clearer now about
its invariants.

Fixed a bug in debuggerd where the pid was being passed to have
its stack dump taken instead of the tid, resulting in short
stacks because ptrace couldn't read the data if pid != tid.
Did a full sweep to ensure that we use pid / tid correctly everywhere.

Ported old code from debuggerd to rewind the program counter back
one instruction so that it points to the branch instruction itself
instead of the return address.

Change-Id: Icc4eb08320052975a4ae7f0f5f0ac9308a2d33d7
2011-11-04 01:11:04 -07:00
Jeff Brown 13e715b491 Use libcorkscrew in debuggerd.
Change-Id: I5e3645a39d96c808f87075b49111d0262a19a0c8
2011-10-22 16:43:00 -07:00
Andy McFadden 136dcc5ce6 Show maps near native fault address
This adds some additional output to native crashes.  For example, if
something tried to access a bit of mmap(/dev/zero) memory that had
been mprotect()ed, you might see output like this:

I DEBUG   : memory map around addr 4015a00c:
I DEBUG   : 40159000-4015a000 /system/lib/libstdc++.so
I DEBUG   : 4015a000-40162000 /dev/zero
I DEBUG   : b0001000-b0009000 /system/bin/linker

The idea is to see what's in and around the fault address to make it
easier to identify bus errors due to file truncation and segmentation
faults caused by buffer over/underruns.

No output is generated for accesses below 0x1000 (which are likely
NULL pointer dereferences) or for signals that don't set si_addr.

Also, suppress the fault address for signals that don't set si_addr:
I DEBUG   : signal 6 (SIGABRT), code 0 (?), fault addr --------

We still print "fault addr" followed by 8 characters for anything
that is parsing the contents.  The "address" shown for signals like
SIGABRT was meaningless and possibly confusing.

Bug 5358516

Change-Id: Icae8ef309ea2d89b129f68d30f96b2ca8a69cc6c
2011-10-13 12:35:55 -07:00
David 'Digit' Turner 2c259914a0 debuggerd: Fix missing include.
The structure user_vfp is incorrectly defined in bionic/libc/kernel/arch-arm/asm/ptrace.h
at the moment, while it should be under bionic/libc/kernel/arch-arm/asm/user.h instead.

Before moving its definition in the corresponding source files, we need to fix its users.
It happens that debuggerd is the only one for now, so fix this by including <linux/user.h>
instead (which will include <asm/user.h> and <asm/ptrace.h>).

Also, make the debug output less chatty by specifying all symbols to be listed
through XLOG2 instead of XLOG.

Change-Id: I16e0fa700945d86efd44ee885a84ad609c0a9b58
2011-02-01 14:38:30 +01:00
Bruce Beare 849249064c debuggerd: Reorganize to facilitate IA commit
Change-Id: I22dd02daf617672fc0a8ba7e396017c57f17e26e
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
2010-11-29 11:03:48 -08:00
Meng Hu ae7b91b680 debuggerd: Show function names in tombstone backtraces
This change enables debuggerd to provide backtraces with function
names in tombstone files and log messages.  It does this by reading
the image file that the address is found in, and parsing the dynamic
symbol table to try to extract the symbol corresponding to the given
address.

This works best when "-Wl,-export-dynamic" is added to the LDFLAGS
of each library and executable, because this will cause all symbols
to be added to the dynamic symbol table.  If this flag is not present,
it will still work, but it will only be able to identify functions
which are part of the external API of the library/executable.

Change-Id: I618baaff9ed9143b7d1a1f302224e9f21d2b0626
2010-05-24 17:20:10 -05:00
The Android Open Source Project dd7bc3319d auto import from //depot/cupcake/@135843 2009-03-03 19:32:55 -08:00
The Android Open Source Project e54eebbf1a auto import from //depot/cupcake/@135843 2009-03-03 18:29:04 -08:00
The Android Open Source Project 35237d1358 Code drop from //branches/cupcake/...@124589 2008-12-17 18:08:08 -08:00
The Android Open Source Project 4f6e8d7a00 Initial Contribution 2008-10-21 07:00:00 -07:00