1 /*
2  * Copyright 2008, The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #define LOG_TAG "DEBUG"
18 
19 #include "libdebuggerd/utility.h"
20 
21 #include <errno.h>
22 #include <signal.h>
23 #include <string.h>
24 #include <sys/capability.h>
25 #include <sys/prctl.h>
26 #include <sys/ptrace.h>
27 #include <sys/uio.h>
28 #include <sys/wait.h>
29 #include <unistd.h>
30 
31 #include <string>
32 
33 #include <android-base/logging.h>
34 #include <android-base/properties.h>
35 #include <android-base/stringprintf.h>
36 #include <android-base/strings.h>
37 #include <android-base/unique_fd.h>
38 #include <bionic/mte_kernel.h>
39 #include <bionic/reserved_signals.h>
40 #include <debuggerd/handler.h>
41 #include <log/log.h>
42 #include <unwindstack/Memory.h>
43 #include <unwindstack/Unwinder.h>
44 
45 using android::base::unique_fd;
46 
// Only these sections are mirrored into logcat; everything else goes to the tombstone alone.
bool is_allowed_in_logcat(enum logtype ltype) {
  switch (ltype) {
    case HEADER:
    case REGISTERS:
    case BACKTRACE:
      return true;
    default:
      return false;
  }
}
56 
// Decide whether crash output may also go to the kernel log: only on a debuggable build, and
// only as a fallback for when tombstoned is not running to receive it.
static bool should_write_to_kmsg() {
  const bool debuggable = android::base::GetBoolProperty("ro.debuggable", false);
  if (!debuggable) {
    return false;
  }

  // The property is only consulted on debuggable builds (same short-circuit as before).
  const std::string tombstoned_state = android::base::GetProperty("init.svc.tombstoned", "");
  return tombstoned_state != "running";
}
69 
__attribute__((__weak__, visibility("default")))
void _LOG(log_t* log, enum logtype ltype, const char* fmt, ...) {
  // Varargs front end for _VLOG: package the arguments and hand them straight over.
  va_list args;
  va_start(args, fmt);
  _VLOG(log, ltype, fmt, args);
  va_end(args);
}
77 
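__attribute__((__weak__, visibility("default")))
void _VLOG(log_t* log, enum logtype ltype, const char* fmt, va_list ap) {
  // Formats one message and fans it out to up to three sinks: the tombstone fd, logcat's crash
  // buffer (plus log->amfd_data when present), and the kernel log as a fallback.
  //
  // |log|      sink bookkeeping; tfd == -1 means "no tombstone".
  // |ltype|    section being written; only allowlisted sections reach logcat.
  // |fmt|/|ap| printf-style message. An empty result is dropped entirely.
  const bool write_to_tombstone = (log->tfd != -1);
  // Logcat only sees the crashing thread's own output, never the other threads' dumps.
  const bool write_to_logcat = is_allowed_in_logcat(ltype)
                            && log->crashed_tid != -1
                            && log->current_tid != -1
                            && (log->crashed_tid == log->current_tid);
  // Property lookups are made once per process; the answer can't usefully change mid-dump.
  static const bool write_to_kmsg = should_write_to_kmsg();

  std::string msg;
  android::base::StringAppendV(&msg, fmt, ap);

  if (msg.empty()) return;

  if (write_to_tombstone) {
    TEMP_FAILURE_RETRY(write(log->tfd, msg.c_str(), msg.size()));
  }

  if (write_to_logcat) {
    __android_log_buf_write(LOG_ID_CRASH, ANDROID_LOG_FATAL, LOG_TAG, msg.c_str());
    if (log->amfd_data != nullptr) {
      *log->amfd_data += msg;
    }

    if (write_to_kmsg) {
      unique_fd kmsg_fd(open("/dev/kmsg_debug", O_WRONLY | O_APPEND | O_CLOEXEC));
      if (kmsg_fd.get() >= 0) {
        // Our output might contain newlines which would otherwise be handled by the android logger.
        // Split the lines up ourselves before sending to the kernel logger.
        //
        // Remove the trailing newline with pop_back() rather than overwriting it with '\0':
        // the overwrite kept the byte in the string, so the last fragment carried an embedded
        // NUL into the writev() below.
        if (msg.back() == '\n') {
          msg.pop_back();
        }

        std::vector<std::string> fragments = android::base::Split(msg, "\n");
        for (const std::string& fragment : fragments) {
          // One kmsg record per line; "<3>" is the KERN_ERR priority prefix.
          static constexpr char prefix[] = "<3>DEBUG: ";
          struct iovec iov[3];
          iov[0].iov_base = const_cast<char*>(prefix);
          iov[0].iov_len = strlen(prefix);
          iov[1].iov_base = const_cast<char*>(fragment.c_str());
          iov[1].iov_len = fragment.length();
          iov[2].iov_base = const_cast<char*>("\n");
          iov[2].iov_len = 1;
          TEMP_FAILURE_RETRY(writev(kmsg_fd.get(), iov, 3));
        }
      }
    }
  }
}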
127 
128 #define MEMORY_BYTES_TO_DUMP 256
129 #define MEMORY_BYTES_PER_LINE 16
130 
// Dumps MEMORY_BYTES_TO_DUMP bytes of the crashed process's memory around |addr|, as read via
// |memory|, to |log| under the heading |label|. Each output line holds MEMORY_BYTES_PER_LINE
// bytes as pointer-sized hex words followed by an ASCII rendering; words that could not be read
// are shown as dashes. Nothing at all is logged if no bytes were readable.
//
// |addr| is a by-value copy and is rewritten below (aligned, rewound, untagged).
void dump_memory(log_t* log, unwindstack::Memory* memory, uint64_t addr, const std::string& label) {
  // Align the address to the number of bytes per line to avoid confusing memory tag output if
  // memory is tagged and we start from a misaligned address. Start 32 bytes before the address.
  addr &= ~(MEMORY_BYTES_PER_LINE - 1);
  // 4128 == 4096 + 32; presumably keeps the rewound address out of the first page — confirm.
  if (addr >= 4128) {
    addr -= 32;
  }

  // We don't want the address tag to appear in the addresses in the memory dump.
  addr = untag_address(addr);

  // Don't bother if the address would overflow, taking tag bits into account. Note that
  // untag_address truncates to 32 bits on 32-bit platforms as a side effect of returning a
  // uintptr_t, so this also checks for 32-bit overflow.
  if (untag_address(addr + MEMORY_BYTES_TO_DUMP - 1) < addr) {
    return;
  }

  // Dump 256 bytes
  // Word-sized storage so the hex columns below can be printed straight from it.
  uintptr_t data[MEMORY_BYTES_TO_DUMP/sizeof(uintptr_t)];
  memset(data, 0, MEMORY_BYTES_TO_DUMP);
  size_t bytes = memory->Read(addr, reinterpret_cast<uint8_t*>(data), sizeof(data));
  if (bytes % sizeof(uintptr_t) != 0) {
    // This should never happen, but just in case.
    ALOGE("Bytes read %zu, is not a multiple of %zu", bytes, sizeof(uintptr_t));
    bytes &= ~(sizeof(uintptr_t) - 1);
  }

  // |start| is the offset into the dump window at which readable data begins; it is only
  // non-zero when the first read got nothing and the retry below starts at the next page.
  uint64_t start = 0;
  bool skip_2nd_read = false;
  if (bytes == 0) {
    // In this case, we might want to try another read at the beginning of
    // the next page only if it's within the amount of memory we would have
    // read.
    size_t page_size = sysconf(_SC_PAGE_SIZE);
    start = ((addr + (page_size - 1)) & ~(page_size - 1)) - addr;
    if (start == 0 || start >= MEMORY_BYTES_TO_DUMP) {
      skip_2nd_read = true;
    }
  }

  if (bytes < MEMORY_BYTES_TO_DUMP && !skip_2nd_read) {
    // Try to do one more read. This could happen if a read crosses a map,
    // but the maps do not have any break between them. Or it could happen
    // if reading from an unreadable map, but the read would cross back
    // into a readable map. Only requires one extra read because a map has
    // to contain at least one page, and the total number of bytes to dump
    // is smaller than a page.
    size_t bytes2 = memory->Read(addr + start + bytes, reinterpret_cast<uint8_t*>(data) + bytes,
                                 sizeof(data) - bytes - start);
    bytes += bytes2;
    if (bytes2 > 0 && bytes % sizeof(uintptr_t) != 0) {
      // This should never happen, but we'll try and continue any way.
      ALOGE("Bytes after second read %zu, is not a multiple of %zu", bytes, sizeof(uintptr_t));
      bytes &= ~(sizeof(uintptr_t) - 1);
    }
  }

  // If we were unable to read anything, it probably means that the register doesn't contain a
  // valid pointer. In that case, skip the output for this register entirely rather than emitting 16
  // lines of dashes.
  if (bytes == 0) {
    return;
  }

  _LOG(log, logtype::MEMORY, "\n%s:\n", label.c_str());

  // Dump the code around memory as:
  //  addr             contents                           ascii
  //  0000000000008d34 ef000000e8bd0090 e1b00000512fff1e  ............../Q
  //  0000000000008d44 ea00b1f9e92d0090 e3a070fcef000000  ......-..p......
  // On 32-bit machines, there are still 16 bytes per line but addresses and
  // words are of course presented differently.
  //
  // data[] holds the window bytes [start, start + bytes); |current| walks the window word by
  // word so the loop knows which columns have data and which get dashes.
  uintptr_t* data_ptr = data;
  size_t current = 0;
  size_t total_bytes = start + bytes;
  for (size_t line = 0; line < MEMORY_BYTES_TO_DUMP / MEMORY_BYTES_PER_LINE; line++) {
    // Show the memory tag in the top byte of the address column when ReadTag reports one
    // (a negative result is treated as "no tag").
    uint64_t tagged_addr = addr;
    long tag = memory->ReadTag(addr);
    if (tag >= 0) {
      tagged_addr |= static_cast<uint64_t>(tag) << 56;
    }
    std::string logline;
    android::base::StringAppendF(&logline, "    %" PRIPTR, tagged_addr);

    addr += MEMORY_BYTES_PER_LINE;
    std::string ascii;
    for (size_t i = 0; i < MEMORY_BYTES_PER_LINE / sizeof(uintptr_t); i++) {
      // Only words fully inside the readable window are printed; the rest are dashes.
      if (current >= start && current + sizeof(uintptr_t) <= total_bytes) {
        android::base::StringAppendF(&logline, " %" PRIPTR, static_cast<uint64_t>(*data_ptr));

        // Fill out the ascii string from the data.
        uint8_t* ptr = reinterpret_cast<uint8_t*>(data_ptr);
        for (size_t val = 0; val < sizeof(uintptr_t); val++, ptr++) {
          if (*ptr >= 0x20 && *ptr < 0x7f) {
            ascii += *ptr;
          } else {
            ascii += '.';
          }
        }
        data_ptr++;
      } else {
        logline += ' ' + std::string(sizeof(uintptr_t) * 2, '-');
        ascii += std::string(sizeof(uintptr_t), '.');
      }
      current += sizeof(uintptr_t);
    }
    _LOG(log, logtype::MEMORY, "%s  %s\n", logline.c_str(), ascii.c_str());
  }
}
241 
// Drop every capability of the calling thread and forbid regaining privileges via exec.
// capset() with all-zero data clears the effective, permitted and inheritable sets (the
// ambient set goes with them); the bounding set is not touched here. Both failures are fatal.
void drop_capabilities() {
  // Value-initialised header: version 3, pid 0 (= the calling thread).
  __user_cap_header_struct capheader{};
  capheader.version = _LINUX_CAPABILITY_VERSION_3;

  // Two all-zero data words, i.e. no capabilities in any set.
  __user_cap_data_struct capdata[2]{};

  if (capset(&capheader, &capdata[0]) == -1) {
    PLOG(FATAL) << "failed to drop capabilities";
  }

  if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) {
    PLOG(FATAL) << "failed to set PR_SET_NO_NEW_PRIVS";
  }
}
259 
// Whether si->si_addr carries a meaningful fault address: only for the hardware-fault
// signals, and never for signals delivered via kill()/sigqueue()/tkill().
bool signal_has_si_addr(const siginfo_t* si) {
  const int code = si->si_code;
  const bool user_sent = (code == SI_USER) || (code == SI_QUEUE) || (code == SI_TKILL);
  if (user_sent) {
    return false;
  }

  const int signo = si->si_signo;
  return signo == SIGBUS || signo == SIGFPE || signo == SIGILL || signo == SIGSEGV ||
         signo == SIGTRAP;
}
277 
// True when the signal was sent by another process whose pid is worth reporting: it must be
// user-originated, have a non-zero si_pid, and not have come from |caller_pid| itself.
bool signal_has_sender(const siginfo_t* si, pid_t caller_pid) {
  if (!SI_FROMUSER(si)) {
    return false;
  }
  const pid_t sender = si->si_pid;
  return sender != 0 && sender != caller_pid;
}
281 
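// Formats " from pid <pid>, uid <uid>" for |si| into |buf| (at most |n| bytes, always
// NUL-terminated by snprintf when n > 0). uid_t is unsigned, so it is printed with %u; the
// previous %d was a format/argument type mismatch.
void get_signal_sender(char* buf, size_t n, const siginfo_t* si) {
  snprintf(buf, n, " from pid %d, uid %u", si->si_pid, si->si_uid);
}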
285 
// Human-readable name for the signals debuggerd reports on; anything else maps to "?".
const char* get_signame(const siginfo_t* si) {
  struct SignalName {
    int signo;
    const char* name;
  };
  static constexpr SignalName kNames[] = {
      {SIGABRT, "SIGABRT"},
      {SIGBUS, "SIGBUS"},
      {SIGFPE, "SIGFPE"},
      {SIGILL, "SIGILL"},
      {SIGSEGV, "SIGSEGV"},
      {SIGSTKFLT, "SIGSTKFLT"},
      {SIGSTOP, "SIGSTOP"},
      {SIGSYS, "SIGSYS"},
      {SIGTRAP, "SIGTRAP"},
      {BIONIC_SIGNAL_DEBUGGER, "<debuggerd signal>"},
  };
  for (const SignalName& entry : kNames) {
    if (entry.signo == si->si_signo) {
      return entry.name;
    }
  }
  return "?";
}
302 
// Returns the symbolic name of si->si_code, first interpreting it relative to si->si_signo
// (ILL_*, BUS_*, FPE_*, SEGV_*, SYS_*, TRAP_* and the ptrace event codes that ride on SIGTRAP),
// then falling back to the signal-independent SI_* codes, and finally to "?".
//
// The static_asserts tie each table to the kernel's NSIG* count so that a newly added si_code
// fails the build instead of silently printing "?". The SEGV table is asserted against
// SEGV_ADIPERR, so the experimental SEGV_MTE* codes sit outside that check.
const char* get_sigcode(const siginfo_t* si) {
  // Try the signal-specific codes...
  switch (si->si_signo) {
    case SIGILL:
      switch (si->si_code) {
        case ILL_ILLOPC: return "ILL_ILLOPC";
        case ILL_ILLOPN: return "ILL_ILLOPN";
        case ILL_ILLADR: return "ILL_ILLADR";
        case ILL_ILLTRP: return "ILL_ILLTRP";
        case ILL_PRVOPC: return "ILL_PRVOPC";
        case ILL_PRVREG: return "ILL_PRVREG";
        case ILL_COPROC: return "ILL_COPROC";
        case ILL_BADSTK: return "ILL_BADSTK";
        case ILL_BADIADDR:
          return "ILL_BADIADDR";
        case __ILL_BREAK:
          return "ILL_BREAK";
        case __ILL_BNDMOD:
          return "ILL_BNDMOD";
      }
      static_assert(NSIGILL == __ILL_BNDMOD, "missing ILL_* si_code");
      break;
    case SIGBUS:
      switch (si->si_code) {
        case BUS_ADRALN: return "BUS_ADRALN";
        case BUS_ADRERR: return "BUS_ADRERR";
        case BUS_OBJERR: return "BUS_OBJERR";
        case BUS_MCEERR_AR: return "BUS_MCEERR_AR";
        case BUS_MCEERR_AO: return "BUS_MCEERR_AO";
      }
      static_assert(NSIGBUS == BUS_MCEERR_AO, "missing BUS_* si_code");
      break;
    case SIGFPE:
      switch (si->si_code) {
        case FPE_INTDIV: return "FPE_INTDIV";
        case FPE_INTOVF: return "FPE_INTOVF";
        case FPE_FLTDIV: return "FPE_FLTDIV";
        case FPE_FLTOVF: return "FPE_FLTOVF";
        case FPE_FLTUND: return "FPE_FLTUND";
        case FPE_FLTRES: return "FPE_FLTRES";
        case FPE_FLTINV: return "FPE_FLTINV";
        case FPE_FLTSUB: return "FPE_FLTSUB";
        case __FPE_DECOVF:
          return "FPE_DECOVF";
        case __FPE_DECDIV:
          return "FPE_DECDIV";
        case __FPE_DECERR:
          return "FPE_DECERR";
        case __FPE_INVASC:
          return "FPE_INVASC";
        case __FPE_INVDEC:
          return "FPE_INVDEC";
        case FPE_FLTUNK:
          return "FPE_FLTUNK";
        case FPE_CONDTRAP:
          return "FPE_CONDTRAP";
      }
      static_assert(NSIGFPE == FPE_CONDTRAP, "missing FPE_* si_code");
      break;
    case SIGSEGV:
      switch (si->si_code) {
        case SEGV_MAPERR: return "SEGV_MAPERR";
        case SEGV_ACCERR: return "SEGV_ACCERR";
        case SEGV_BNDERR: return "SEGV_BNDERR";
        case SEGV_PKUERR: return "SEGV_PKUERR";
        case SEGV_ACCADI:
          return "SEGV_ACCADI";
        case SEGV_ADIDERR:
          return "SEGV_ADIDERR";
        case SEGV_ADIPERR:
          return "SEGV_ADIPERR";
#if defined(ANDROID_EXPERIMENTAL_MTE)
        // Memory-tagging faults; only available with the experimental MTE headers.
        case SEGV_MTEAERR:
          return "SEGV_MTEAERR";
        case SEGV_MTESERR:
          return "SEGV_MTESERR";
#endif
      }
      static_assert(NSIGSEGV == SEGV_ADIPERR, "missing SEGV_* si_code");
      break;
    case SIGSYS:
      switch (si->si_code) {
        case SYS_SECCOMP: return "SYS_SECCOMP";
      }
      static_assert(NSIGSYS == SYS_SECCOMP, "missing SYS_* si_code");
      break;
    case SIGTRAP:
      switch (si->si_code) {
        case TRAP_BRKPT: return "TRAP_BRKPT";
        case TRAP_TRACE: return "TRAP_TRACE";
        case TRAP_BRANCH: return "TRAP_BRANCH";
        case TRAP_HWBKPT: return "TRAP_HWBKPT";
        case TRAP_UNK:
          return "TRAP_UNDIAGNOSED";
      }
      // ptrace stops encode the event in the high byte: si_code == (event << 8) | SIGTRAP.
      if ((si->si_code & 0xff) == SIGTRAP) {
        switch ((si->si_code >> 8) & 0xff) {
          case PTRACE_EVENT_FORK:
            return "PTRACE_EVENT_FORK";
          case PTRACE_EVENT_VFORK:
            return "PTRACE_EVENT_VFORK";
          case PTRACE_EVENT_CLONE:
            return "PTRACE_EVENT_CLONE";
          case PTRACE_EVENT_EXEC:
            return "PTRACE_EVENT_EXEC";
          case PTRACE_EVENT_VFORK_DONE:
            return "PTRACE_EVENT_VFORK_DONE";
          case PTRACE_EVENT_EXIT:
            return "PTRACE_EVENT_EXIT";
          case PTRACE_EVENT_SECCOMP:
            return "PTRACE_EVENT_SECCOMP";
          case PTRACE_EVENT_STOP:
            return "PTRACE_EVENT_STOP";
        }
      }
      static_assert(NSIGTRAP == TRAP_UNK, "missing TRAP_* si_code");
      break;
  }
  // Then the other codes...
  switch (si->si_code) {
    case SI_USER: return "SI_USER";
    case SI_KERNEL: return "SI_KERNEL";
    case SI_QUEUE: return "SI_QUEUE";
    case SI_TIMER: return "SI_TIMER";
    case SI_MESGQ: return "SI_MESGQ";
    case SI_ASYNCIO: return "SI_ASYNCIO";
    case SI_SIGIO: return "SI_SIGIO";
    case SI_TKILL: return "SI_TKILL";
    case SI_DETHREAD: return "SI_DETHREAD";
  }
  // Then give up...
  return "?";
}
436 
// Writes the unwound frames of |unwinder| to |log|, one per line, each prefixed with |prefix|.
// When the unwinder had to fall back to in-memory ELF data, a note about the missing symbol and
// BuildId information is emitted first.
void log_backtrace(log_t* log, unwindstack::Unwinder* unwinder, const char* prefix) {
  const bool libraries_unreadable = unwinder->elf_from_memory_not_file();
  if (libraries_unreadable) {
    _LOG(log, logtype::BACKTRACE,
         "%sNOTE: Function names and BuildId information is missing for some frames due\n", prefix);
    _LOG(log, logtype::BACKTRACE,
         "%sNOTE: to unreadable libraries. For unwinds of apps, only shared libraries\n", prefix);
    _LOG(log, logtype::BACKTRACE, "%sNOTE: found under the lib/ directory are readable.\n", prefix);
#if defined(ROOT_POSSIBLE)
    _LOG(log, logtype::BACKTRACE,
         "%sNOTE: On this device, run setenforce 0 to make the libraries readable.\n", prefix);
#endif
  }

  unwinder->SetDisplayBuildID(true);
  const size_t frame_count = unwinder->NumFrames();
  for (size_t frame = 0; frame < frame_count; ++frame) {
    const std::string line = unwinder->FormatFrame(frame);
    _LOG(log, logtype::BACKTRACE, "%s%s\n", prefix, line.c_str());
  }
}
455 
456 #if defined(__aarch64__)
457 #define FAR_MAGIC 0x46415201
458 
// Layout of the FAR record that a patched kernel appends to the signal frame's reserved area,
// identified by FAR_MAGIC in head.magic. Consumed by get_fault_address().
struct far_context {
  struct _aarch64_ctx head;
  __u64 far;  // fault address (FAR) value for the faulting access
};
463 #endif
464 
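// Returns the faulting address for |siginfo|, preferring the FAR record that a patched kernel
// stores in the aarch64 signal frame (see far_context) over siginfo->si_addr. |ucontext| is
// only consulted on aarch64.
//
// The reserved area is a sequence of {magic, size} records terminated by magic == 0. Every
// record is validated before it is trusted: it must hold at least its own header, keep the
// pointer-aligned layout of the records behind it, and fit in the remaining space. Without
// that, a zero-sized record would make this loop spin forever and a truncated FAR record
// would be read past the end of the frame; on any malformed record we fall back to si_addr.
uintptr_t get_fault_address(const siginfo_t* siginfo, const ucontext_t* ucontext) {
  (void)ucontext;
#if defined(__aarch64__)
  // This relies on a kernel patch:
  //   https://patchwork.kernel.org/patch/11435077/
  // that hasn't been accepted into the kernel yet. TODO(pcc): Update this to
  // use the official interface once it lands.
  auto* begin = reinterpret_cast<const char*>(ucontext->uc_mcontext.__reserved);
  auto* end = begin + sizeof(ucontext->uc_mcontext.__reserved);
  auto* ptr = begin;
  // Only read a header when a whole one is left in the area.
  while (static_cast<size_t>(end - ptr) >= sizeof(_aarch64_ctx)) {
    auto* ctx = reinterpret_cast<const _aarch64_ctx*>(ptr);
    if (ctx->magic == 0) {
      break;  // terminator record
    }
    const size_t remaining = static_cast<size_t>(end - ptr);
    if (ctx->size < sizeof(_aarch64_ctx) || ctx->size % sizeof(void*) != 0 ||
        ctx->size > remaining) {
      break;  // malformed record: give up rather than trust it
    }
    if (ctx->magic == FAR_MAGIC) {
      if (ctx->size < sizeof(far_context)) {
        break;  // FAR record too short to contain the address
      }
      auto* far_ctx = reinterpret_cast<const far_context*>(ctx);
      return far_ctx->far;
    }
    ptr += ctx->size;
  }
#endif
  return reinterpret_cast<uintptr_t>(siginfo->si_addr);
}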
492