1 /*
2 * Copyright 2008, The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #define LOG_TAG "DEBUG"
18
19 #include "libdebuggerd/utility.h"
20
21 #include <errno.h>
22 #include <signal.h>
23 #include <string.h>
24 #include <sys/capability.h>
25 #include <sys/prctl.h>
26 #include <sys/ptrace.h>
27 #include <sys/uio.h>
28 #include <sys/wait.h>
29 #include <unistd.h>
30
31 #include <string>
32
33 #include <android-base/logging.h>
34 #include <android-base/properties.h>
35 #include <android-base/stringprintf.h>
36 #include <android-base/strings.h>
37 #include <android-base/unique_fd.h>
38 #include <debuggerd/handler.h>
39 #include <log/log.h>
40 #include <unwindstack/Memory.h>
41 #include <unwindstack/Unwinder.h>
42
43 using android::base::unique_fd;
44
45 // Whitelist output desired in the logcat output.
is_allowed_in_logcat(enum logtype ltype)46 bool is_allowed_in_logcat(enum logtype ltype) {
47 if ((ltype == HEADER)
48 || (ltype == REGISTERS)
49 || (ltype == BACKTRACE)) {
50 return true;
51 }
52 return false;
53 }
54
should_write_to_kmsg()55 static bool should_write_to_kmsg() {
56 // Write to kmsg if tombstoned isn't up, and we're able to do so.
57 if (!android::base::GetBoolProperty("ro.debuggable", false)) {
58 return false;
59 }
60
61 if (android::base::GetProperty("init.svc.tombstoned", "") == "running") {
62 return false;
63 }
64
65 return true;
66 }
67
68 __attribute__((__weak__, visibility("default")))
_LOG(log_t * log,enum logtype ltype,const char * fmt,...)69 void _LOG(log_t* log, enum logtype ltype, const char* fmt, ...) {
70 bool write_to_tombstone = (log->tfd != -1);
71 bool write_to_logcat = is_allowed_in_logcat(ltype)
72 && log->crashed_tid != -1
73 && log->current_tid != -1
74 && (log->crashed_tid == log->current_tid);
75 static bool write_to_kmsg = should_write_to_kmsg();
76
77 std::string msg;
78 va_list ap;
79 va_start(ap, fmt);
80 android::base::StringAppendV(&msg, fmt, ap);
81 va_end(ap);
82
83 if (msg.empty()) return;
84
85 if (write_to_tombstone) {
86 TEMP_FAILURE_RETRY(write(log->tfd, msg.c_str(), msg.size()));
87 }
88
89 if (write_to_logcat) {
90 __android_log_buf_write(LOG_ID_CRASH, ANDROID_LOG_FATAL, LOG_TAG, msg.c_str());
91 if (log->amfd_data != nullptr) {
92 *log->amfd_data += msg;
93 }
94
95 if (write_to_kmsg) {
96 unique_fd kmsg_fd(open("/dev/kmsg_debug", O_WRONLY | O_APPEND | O_CLOEXEC));
97 if (kmsg_fd.get() >= 0) {
98 // Our output might contain newlines which would otherwise be handled by the android logger.
99 // Split the lines up ourselves before sending to the kernel logger.
100 if (msg.back() == '\n') {
101 msg.back() = '\0';
102 }
103
104 std::vector<std::string> fragments = android::base::Split(msg, "\n");
105 for (const std::string& fragment : fragments) {
106 static constexpr char prefix[] = "<3>DEBUG: ";
107 struct iovec iov[3];
108 iov[0].iov_base = const_cast<char*>(prefix);
109 iov[0].iov_len = strlen(prefix);
110 iov[1].iov_base = const_cast<char*>(fragment.c_str());
111 iov[1].iov_len = fragment.length();
112 iov[2].iov_base = const_cast<char*>("\n");
113 iov[2].iov_len = 1;
114 TEMP_FAILURE_RETRY(writev(kmsg_fd.get(), iov, 3));
115 }
116 }
117 }
118 }
119 }
120
121 #define MEMORY_BYTES_TO_DUMP 256
122 #define MEMORY_BYTES_PER_LINE 16
123
dump_memory(log_t * log,unwindstack::Memory * memory,uint64_t addr,const std::string & label)124 void dump_memory(log_t* log, unwindstack::Memory* memory, uint64_t addr, const std::string& label) {
125 // Align the address to sizeof(long) and start 32 bytes before the address.
126 addr &= ~(sizeof(long) - 1);
127 if (addr >= 4128) {
128 addr -= 32;
129 }
130
131 // Don't bother if the address looks too low, or looks too high.
132 if (addr < 4096 ||
133 #if defined(__LP64__)
134 addr > 0x4000000000000000UL - MEMORY_BYTES_TO_DUMP) {
135 #else
136 addr > 0xffff0000 - MEMORY_BYTES_TO_DUMP) {
137 #endif
138 return;
139 }
140
141 _LOG(log, logtype::MEMORY, "\n%s:\n", label.c_str());
142
143 // Dump 256 bytes
144 uintptr_t data[MEMORY_BYTES_TO_DUMP/sizeof(uintptr_t)];
145 memset(data, 0, MEMORY_BYTES_TO_DUMP);
146 size_t bytes = memory->Read(addr, reinterpret_cast<uint8_t*>(data), sizeof(data));
147 if (bytes % sizeof(uintptr_t) != 0) {
148 // This should never happen, but just in case.
149 ALOGE("Bytes read %zu, is not a multiple of %zu", bytes, sizeof(uintptr_t));
150 bytes &= ~(sizeof(uintptr_t) - 1);
151 }
152
153 uint64_t start = 0;
154 bool skip_2nd_read = false;
155 if (bytes == 0) {
156 // In this case, we might want to try another read at the beginning of
157 // the next page only if it's within the amount of memory we would have
158 // read.
159 size_t page_size = sysconf(_SC_PAGE_SIZE);
160 start = ((addr + (page_size - 1)) & ~(page_size - 1)) - addr;
161 if (start == 0 || start >= MEMORY_BYTES_TO_DUMP) {
162 skip_2nd_read = true;
163 }
164 }
165
166 if (bytes < MEMORY_BYTES_TO_DUMP && !skip_2nd_read) {
167 // Try to do one more read. This could happen if a read crosses a map,
168 // but the maps do not have any break between them. Or it could happen
169 // if reading from an unreadable map, but the read would cross back
170 // into a readable map. Only requires one extra read because a map has
171 // to contain at least one page, and the total number of bytes to dump
172 // is smaller than a page.
173 size_t bytes2 = memory->Read(addr + start + bytes, reinterpret_cast<uint8_t*>(data) + bytes,
174 sizeof(data) - bytes - start);
175 bytes += bytes2;
176 if (bytes2 > 0 && bytes % sizeof(uintptr_t) != 0) {
177 // This should never happen, but we'll try and continue any way.
178 ALOGE("Bytes after second read %zu, is not a multiple of %zu", bytes, sizeof(uintptr_t));
179 bytes &= ~(sizeof(uintptr_t) - 1);
180 }
181 }
182
183 // Dump the code around memory as:
184 // addr contents ascii
185 // 0000000000008d34 ef000000e8bd0090 e1b00000512fff1e ............../Q
186 // 0000000000008d44 ea00b1f9e92d0090 e3a070fcef000000 ......-..p......
187 // On 32-bit machines, there are still 16 bytes per line but addresses and
188 // words are of course presented differently.
189 uintptr_t* data_ptr = data;
190 size_t current = 0;
191 size_t total_bytes = start + bytes;
192 for (size_t line = 0; line < MEMORY_BYTES_TO_DUMP / MEMORY_BYTES_PER_LINE; line++) {
193 std::string logline;
194 android::base::StringAppendF(&logline, " %" PRIPTR, addr);
195
196 addr += MEMORY_BYTES_PER_LINE;
197 std::string ascii;
198 for (size_t i = 0; i < MEMORY_BYTES_PER_LINE / sizeof(uintptr_t); i++) {
199 if (current >= start && current + sizeof(uintptr_t) <= total_bytes) {
200 android::base::StringAppendF(&logline, " %" PRIPTR, static_cast<uint64_t>(*data_ptr));
201
202 // Fill out the ascii string from the data.
203 uint8_t* ptr = reinterpret_cast<uint8_t*>(data_ptr);
204 for (size_t val = 0; val < sizeof(uintptr_t); val++, ptr++) {
205 if (*ptr >= 0x20 && *ptr < 0x7f) {
206 ascii += *ptr;
207 } else {
208 ascii += '.';
209 }
210 }
211 data_ptr++;
212 } else {
213 logline += ' ' + std::string(sizeof(uintptr_t) * 2, '-');
214 ascii += std::string(sizeof(uintptr_t), '.');
215 }
216 current += sizeof(uintptr_t);
217 }
218 _LOG(log, logtype::MEMORY, "%s %s\n", logline.c_str(), ascii.c_str());
219 }
220 }
221
222 void read_with_default(const char* path, char* buf, size_t len, const char* default_value) {
223 unique_fd fd(open(path, O_RDONLY | O_CLOEXEC));
224 if (fd != -1) {
225 int rc = TEMP_FAILURE_RETRY(read(fd.get(), buf, len - 1));
226 if (rc != -1) {
227 buf[rc] = '\0';
228
229 // Trim trailing newlines.
230 if (rc > 0 && buf[rc - 1] == '\n') {
231 buf[rc - 1] = '\0';
232 }
233 return;
234 }
235 }
236 strcpy(buf, default_value);
237 }
238
239 void drop_capabilities() {
240 __user_cap_header_struct capheader;
241 memset(&capheader, 0, sizeof(capheader));
242 capheader.version = _LINUX_CAPABILITY_VERSION_3;
243 capheader.pid = 0;
244
245 __user_cap_data_struct capdata[2];
246 memset(&capdata, 0, sizeof(capdata));
247
248 if (capset(&capheader, &capdata[0]) == -1) {
249 PLOG(FATAL) << "failed to drop capabilities";
250 }
251
252 if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) {
253 PLOG(FATAL) << "failed to set PR_SET_NO_NEW_PRIVS";
254 }
255 }
256
257 bool signal_has_si_addr(const siginfo_t* si) {
258 // Manually sent signals won't have si_addr.
259 if (si->si_code == SI_USER || si->si_code == SI_QUEUE || si->si_code == SI_TKILL) {
260 return false;
261 }
262
263 switch (si->si_signo) {
264 case SIGBUS:
265 case SIGFPE:
266 case SIGILL:
267 case SIGSEGV:
268 case SIGTRAP:
269 return true;
270 default:
271 return false;
272 }
273 }
274
275 bool signal_has_sender(const siginfo_t* si, pid_t caller_pid) {
276 return SI_FROMUSER(si) && (si->si_pid != 0) && (si->si_pid != caller_pid);
277 }
278
279 void get_signal_sender(char* buf, size_t n, const siginfo_t* si) {
280 snprintf(buf, n, " from pid %d, uid %d", si->si_pid, si->si_uid);
281 }
282
283 const char* get_signame(const siginfo_t* si) {
284 switch (si->si_signo) {
285 case SIGABRT: return "SIGABRT";
286 case SIGBUS: return "SIGBUS";
287 case SIGFPE: return "SIGFPE";
288 case SIGILL: return "SIGILL";
289 case SIGSEGV: return "SIGSEGV";
290 case SIGSTKFLT: return "SIGSTKFLT";
291 case SIGSTOP: return "SIGSTOP";
292 case SIGSYS: return "SIGSYS";
293 case SIGTRAP: return "SIGTRAP";
294 case DEBUGGER_SIGNAL: return "<debuggerd signal>";
295 default: return "?";
296 }
297 }
298
299 const char* get_sigcode(const siginfo_t* si) {
300 // Try the signal-specific codes...
301 switch (si->si_signo) {
302 case SIGILL:
303 switch (si->si_code) {
304 case ILL_ILLOPC: return "ILL_ILLOPC";
305 case ILL_ILLOPN: return "ILL_ILLOPN";
306 case ILL_ILLADR: return "ILL_ILLADR";
307 case ILL_ILLTRP: return "ILL_ILLTRP";
308 case ILL_PRVOPC: return "ILL_PRVOPC";
309 case ILL_PRVREG: return "ILL_PRVREG";
310 case ILL_COPROC: return "ILL_COPROC";
311 case ILL_BADSTK: return "ILL_BADSTK";
312 case ILL_BADIADDR:
313 return "ILL_BADIADDR";
314 case __ILL_BREAK:
315 return "ILL_BREAK";
316 case __ILL_BNDMOD:
317 return "ILL_BNDMOD";
318 }
319 static_assert(NSIGILL == __ILL_BNDMOD, "missing ILL_* si_code");
320 break;
321 case SIGBUS:
322 switch (si->si_code) {
323 case BUS_ADRALN: return "BUS_ADRALN";
324 case BUS_ADRERR: return "BUS_ADRERR";
325 case BUS_OBJERR: return "BUS_OBJERR";
326 case BUS_MCEERR_AR: return "BUS_MCEERR_AR";
327 case BUS_MCEERR_AO: return "BUS_MCEERR_AO";
328 }
329 static_assert(NSIGBUS == BUS_MCEERR_AO, "missing BUS_* si_code");
330 break;
331 case SIGFPE:
332 switch (si->si_code) {
333 case FPE_INTDIV: return "FPE_INTDIV";
334 case FPE_INTOVF: return "FPE_INTOVF";
335 case FPE_FLTDIV: return "FPE_FLTDIV";
336 case FPE_FLTOVF: return "FPE_FLTOVF";
337 case FPE_FLTUND: return "FPE_FLTUND";
338 case FPE_FLTRES: return "FPE_FLTRES";
339 case FPE_FLTINV: return "FPE_FLTINV";
340 case FPE_FLTSUB: return "FPE_FLTSUB";
341 case __FPE_DECOVF:
342 return "FPE_DECOVF";
343 case __FPE_DECDIV:
344 return "FPE_DECDIV";
345 case __FPE_DECERR:
346 return "FPE_DECERR";
347 case __FPE_INVASC:
348 return "FPE_INVASC";
349 case __FPE_INVDEC:
350 return "FPE_INVDEC";
351 case FPE_FLTUNK:
352 return "FPE_FLTUNK";
353 case FPE_CONDTRAP:
354 return "FPE_CONDTRAP";
355 }
356 static_assert(NSIGFPE == FPE_CONDTRAP, "missing FPE_* si_code");
357 break;
358 case SIGSEGV:
359 switch (si->si_code) {
360 case SEGV_MAPERR: return "SEGV_MAPERR";
361 case SEGV_ACCERR: return "SEGV_ACCERR";
362 case SEGV_BNDERR: return "SEGV_BNDERR";
363 case SEGV_PKUERR: return "SEGV_PKUERR";
364 case SEGV_ACCADI:
365 return "SEGV_ACCADI";
366 case SEGV_ADIDERR:
367 return "SEGV_ADIDERR";
368 case SEGV_ADIPERR:
369 return "SEGV_ADIPERR";
370 }
371 static_assert(NSIGSEGV == SEGV_ADIPERR, "missing SEGV_* si_code");
372 break;
373 case SIGSYS:
374 switch (si->si_code) {
375 case SYS_SECCOMP: return "SYS_SECCOMP";
376 }
377 static_assert(NSIGSYS == SYS_SECCOMP, "missing SYS_* si_code");
378 break;
379 case SIGTRAP:
380 switch (si->si_code) {
381 case TRAP_BRKPT: return "TRAP_BRKPT";
382 case TRAP_TRACE: return "TRAP_TRACE";
383 case TRAP_BRANCH: return "TRAP_BRANCH";
384 case TRAP_HWBKPT: return "TRAP_HWBKPT";
385 case TRAP_UNK:
386 return "TRAP_UNDIAGNOSED";
387 }
388 if ((si->si_code & 0xff) == SIGTRAP) {
389 switch ((si->si_code >> 8) & 0xff) {
390 case PTRACE_EVENT_FORK:
391 return "PTRACE_EVENT_FORK";
392 case PTRACE_EVENT_VFORK:
393 return "PTRACE_EVENT_VFORK";
394 case PTRACE_EVENT_CLONE:
395 return "PTRACE_EVENT_CLONE";
396 case PTRACE_EVENT_EXEC:
397 return "PTRACE_EVENT_EXEC";
398 case PTRACE_EVENT_VFORK_DONE:
399 return "PTRACE_EVENT_VFORK_DONE";
400 case PTRACE_EVENT_EXIT:
401 return "PTRACE_EVENT_EXIT";
402 case PTRACE_EVENT_SECCOMP:
403 return "PTRACE_EVENT_SECCOMP";
404 case PTRACE_EVENT_STOP:
405 return "PTRACE_EVENT_STOP";
406 }
407 }
408 static_assert(NSIGTRAP == TRAP_UNK, "missing TRAP_* si_code");
409 break;
410 }
411 // Then the other codes...
412 switch (si->si_code) {
413 case SI_USER: return "SI_USER";
414 case SI_KERNEL: return "SI_KERNEL";
415 case SI_QUEUE: return "SI_QUEUE";
416 case SI_TIMER: return "SI_TIMER";
417 case SI_MESGQ: return "SI_MESGQ";
418 case SI_ASYNCIO: return "SI_ASYNCIO";
419 case SI_SIGIO: return "SI_SIGIO";
420 case SI_TKILL: return "SI_TKILL";
421 case SI_DETHREAD: return "SI_DETHREAD";
422 }
423 // Then give up...
424 return "?";
425 }
426
427 void log_backtrace(log_t* log, unwindstack::Unwinder* unwinder, const char* prefix) {
428 if (unwinder->elf_from_memory_not_file()) {
429 _LOG(log, logtype::BACKTRACE,
430 "%sNOTE: Function names and BuildId information is missing for some frames due\n", prefix);
431 _LOG(log, logtype::BACKTRACE,
432 "%sNOTE: to unreadable libraries. For unwinds of apps, only shared libraries\n", prefix);
433 _LOG(log, logtype::BACKTRACE, "%sNOTE: found under the lib/ directory are readable.\n", prefix);
434 #if defined(ROOT_POSSIBLE)
435 _LOG(log, logtype::BACKTRACE,
436 "%sNOTE: On this device, run setenforce 0 to make the libraries readable.\n", prefix);
437 #endif
438 }
439
440 unwinder->SetDisplayBuildID(true);
441 for (size_t i = 0; i < unwinder->NumFrames(); i++) {
442 _LOG(log, logtype::BACKTRACE, "%s%s\n", prefix, unwinder->FormatFrame(i).c_str());
443 }
444 }
445