Commit graph

778 commits

Author SHA1 Message Date
Mitch Phillips
1d792bf90a Merge "[MTE] Cleanup tagged si_addr refs to fix mappings OOB bug." 2021-01-25 17:20:40 +00:00
Mitch Phillips
e4adff0721 [MTE] Cleanup tagged si_addr refs to fix mappings OOB bug.
Currently, all MTE failures end up displaying 'Fault address falls at
0x<addr> after any mapped regions'. Clearly when scanning, we should use
the untagged address to figure out which ranges it's in.

I've taken the liberty of removing all si_addr parsing and moving it
into the common ProcessInfo, as well as making it really explicit
whether you want the (possibly tagged) original si_addr, or whether you
want the untagged variant (for scanning /proc/maps or whatever).

This is not particularly easily testable, as ReadCrashInfo isn't easily
injectable and `dump_all_maps` should already be passed the untagged
pointer to scan for. I've tested this locally on FVP under SYNC MTE with
a simple UaF binary and noted the problem is fixed. Given that this is
making the code more clear, I'm hoping the owners see no need for a
regression test :).

Bug: 135772972
Test: On FVP, run 'adb shell MEMTAG_OPTIONS=sync sanitizer-status' and
      check that the use-after-free test ends up with the /proc/maps
      desription in the right place.
Change-Id: I220e4200c75a72474a95a67e5bbc36173a438dd2
2021-01-21 20:49:06 -08:00
Josh Gao
92317d82c9 libdebuggerd: add protobuf implementation.
This commit implements protobuf output for tombstones, along with a
translator that should emit bytewise identical output to the existing
tombstone dumping code, except for ancillary data from GWP-ASan and
Scudo, which haven't been implemented yet.

Test: setprop debug.debuggerd.translate.translate_proto_to_text 1 &&
        /data/nativetest64/debuggerd_test/debuggerd_test
Test: for TOMBSTONE in /data/tombstones/tombstone_??; do
        pbtombstone $TOMBSTONE.pb | diff $TOMBSTONE -
      done
Change-Id: Ieeece6e6d1c26eb608b00ec24e2e725e161c8c92
2021-01-21 15:40:23 -08:00
Elliott Hughes
d8af5b5e4f Remove unnecessary #includes.
Sadly, it looks like we do still really use libcutils for some of the
socket functions.

Test: treehugger
Change-Id: Ic71f97507c89b10d2f3b7a2971064a9e6b1d349d
2021-01-19 09:21:52 -08:00
Elliott Hughes
03b283a65f Move debuggerd_test over to mallopt().
Bug: http://b/135772972
Test: treehugger
Change-Id: I178f2a753b5608d9e72cee8874524ad4faf701d7
2021-01-15 11:34:26 -08:00
Josh Gao
1091d24c16 tombstoned: support for protobuf fds.
Test: debuggerd_test
Change-Id: Id0f0fa2856e4b8e57d7dc0e1495134e943b289da
2021-01-13 13:35:45 -08:00
Josh Gao
e2aa621c83 tombstoned: make it easier to add more types of outputs.
While we're at it, switch to unlinkat.

Test: debuggerd_test
Change-Id: I8d285c4b4e94effa1acb8f69ac3af4ff8c37defb
2021-01-13 13:35:45 -08:00
Josh Gao
9a61f685d8 tombstoned: switch from goto to RAII.
Test: debuggerd_test
Change-Id: Ide6811297bf59776619aac6ed96653ae5cc84040
2021-01-13 13:35:45 -08:00
Peter Collingbourne
cd27807bfe Remove ANDROID_EXPERIMENTAL_MTE.
Now that the feature guarded by this flag has landed in Linux 5.10
we no longer need the flag, so we can remove it.

Bug: 135772972
Change-Id: I02fa50848cbd0486c23c8a229bb8f1ab5dd5a56f
2021-01-11 10:55:51 -08:00
Christopher Ferris
6ddc2c56c9 Update for v5.10 kernel headers.
Test: Builds.
Change-Id: I6c4b04751df026ef7cbb91627174188c5e6d137c
2020-12-14 22:36:37 -08:00
David Srbecky
8efcd6325c Adjust to MapInfo to new api.
Change-Id: Ic3818a8b001657e6b54ba6fcbf68f8c1d7ef2683
2020-11-24 17:27:05 +00:00
Peter Collingbourne
48c35f0cf6 Merge "Change the android_mallopt(M_SET_HEAP_TAGGING_LEVEL) API." 2020-11-18 20:57:36 +00:00
Peter Collingbourne
71ad49554f Change the android_mallopt(M_SET_HEAP_TAGGING_LEVEL) API.
- Make it apply to every thread, and thus remove the restriction
  that it must be called while the program is single threaded.
- Make it change TCF0 itself (on all threads), instead of requiring
  callers to do it themselves, which can be error prone.

And update all of the call sites.

Change the implementation of
android_mallopt(M_DISABLE_MEMORY_MITIGATIONS) to call
android_mallopt(M_SET_HEAP_TAGGING_LEVEL) internally. This avoids
crashes during startup that were observed when the two mallopts
updated TCF0 unaware of each other.

I wouldn't expect there to be any out-of-tree callers at this point,
but it's worth noting that the new interface is backwards compatible
with the old one because it strictly expands the set of situations in
which the API can be used (i.e. situations where there are multiple
threads running or where TCF0 hadn't been updated beforehand).

Bug: 135772972
Change-Id: I7746707898ff31ef2e0af01c4f55ba90b72bef51
2020-11-18 10:24:29 -08:00
Peter Collingbourne
ebc78cc852 Switch to the new kernel API for obtaining fault address tag bits.
The discussion on LKML is converging on v16 of the fault address tag
bits patch [1]. In this version of the patch the presence of the tag
bits in si_addr is controlled by a sa_flags bit, and a protocol is
introduced to allow userspace to detect kernel support for sa_flags
bits. Update the tombstone signal handler to use this API to read
the tag bits, update the interceptors in libsigchain to implement
the flag support detection protocol and hide the tag bits in si_addr
from chained signal handlers that did not request them to match the
kernel behavior.

[1] https://lore.kernel.org/linux-arm-kernel/cover.1605235762.git.pcc@google.com/

Change-Id: I57f24c07c01ceb3e5b81cfc15edf559ef7dfc740
2020-11-13 16:08:27 -08:00
Treehugger Robot
485505c06d Merge "Fix the expected tagged_addr_ctrl in a test." 2020-11-03 03:12:02 +00:00
Peter Collingbourne
2b6764a625 Fix the expected tagged_addr_ctrl in a test.
It turns out that I had originally written the test with a local
patch applied that forces TCF0 to SYNC, so it was testing for the
wrong tagged_addr_ctrl value. Fix it.

Bug: 135772972
Change-Id: Ibb9b25e5f5635372ad5de7825c31d7264ff02590
2020-11-02 16:00:08 -08:00
Yifan Hong
2ec92cfc28 libdebuggerd_handler_fallback: make vendor_ramdisk_available.
Test: builds
Bug: 156098440
Change-Id: I11466de73bbb3a30c10a7a9088954e37772b7a00
2020-10-28 10:57:51 -07:00
Josh Gao
81c94cdce6 Start tombstoned early in post-fs-data.
Bug: http://b/169659307
Test: manual
Change-Id: Ie19de31e7e2b6cd43402cfd3a2e9274728e9e6b4
2020-10-01 14:25:36 -07:00
Treehugger Robot
d0642a373d Merge "Improve error message in debuggerd fallback handler." 2020-10-01 21:00:16 +00:00
Josh Gao
68083003b8 Improve error message in debuggerd fallback handler.
Bug: http://b/164014625
Test: none
Change-Id: I4f1e61be93c511676e66b909a15735bba963eff0
2020-09-25 13:51:02 -07:00
Christopher Ferris
b05c472421 Add arch member into Unwinder object.
This simplifies some of the logic and removes the need to pass an
Arch value to functions that should already know about the arch
it is operating on.

Includes fixes for debuggerd/libbacktrace.

Added new unit tests to cover new cases.

Test: All unit tests pass.
Test: Faked unwinder failing to verify debuggerd error messages display
Test: properly in backtrace and tombstone.
Change-Id: I439fcae0695befcfb1cb4c0a786cc74949d33425
2020-09-24 18:46:23 -07:00
Peter Collingbourne
864f15dd6d Dump the per-thread TAGGED_ADDR_CTRL value if available.
This value indicates whether memory tagging is enabled on a thread,
the mode (sync or async) and the set of excluded tags. This information
can sometimes be important for understanding an MTE related crash,
so include it in the per-thread tombstone output.

Bug: 135772972
Change-Id: I25a16e10ac7fbb2b1ab2a961a5279f787039000b
2020-09-15 21:32:36 -07:00
Elliott Hughes
713ec25103 libdebuggerd: do a to-do.
Until 77fdb22cf6, logd started as
AID_ROOT and then dropped its privileges. Since then, there's been no
reason to use string comparisons rather than checking the uid.

Test: pkill -SEGV logd
Test: treehugger
Change-Id: Ia709f8f59cb0ab9abac7df84c96c701b5d0a83ea
2020-08-03 18:56:35 +00:00
Jeff Sharkey
7b21637782 Update language to comply with Android's inclusive language guidance
See https://source.android.com/setup/contribute/respectful-code for reference

Bug: 161896447
Change-Id: Iafcccbdbdf3ff1078e87000e2ce560ff09b43f68
2020-07-31 16:36:06 -06:00
Elliott Hughes
ba1bd64ca2 Merge "debuggerd: use One True timestamp function." 2020-07-24 15:47:03 +00:00
Elliott Hughes
a660cb3f13 debuggerd: use One True timestamp function.
An OEM asks for sub-second granularity, and that's most easily done if
we only have one timestamp generator. I'm not convinced sub-second
granularity is particularly useful myself, and I definitely don't think
that nanosecond resolution is meaningful but I do like this cleanup, and
if I'm going to use sub-second precision I may as well use the maximum
precision available to me.

Also reduce some duplication of code reading cmdline/comm.

Bug: https://issuetracker.google.com/161860597
Test: head /data/tombstones/*
Change-Id: I035ecfd4a3338ccd84dae0ef973a998a7c7c5056
2020-07-23 16:33:53 -07:00
Peter Collingbourne
fe8997aff8 Include memory tags in memory dump output.
Tags appear in the addresses printed in the memory dump, which seems
like a reasonable place to put them because tagged addresses will
also appear in other places in the tombstone, such as registers and
the fault address.

Bug: 135772972
Change-Id: I52da338347ff6b7503cf5ac80763c540695dc061
2020-07-21 19:05:16 -07:00
Peter Collingbourne
b1fcedb928 Adjust conditions for dumping the memory around a register.
Previously, we would do a simple bounds check before deciding
whether to dump the memory around a register. On 64-bit platforms,
the register's value was required to be less than (4 << 60). However,
after stripping tags on AArch64 as part of r.android.com/1365229, all
pointer values became less than (4 << 60), so the check became useless
for filtering out invalid pointers. As a result, we would attempt to
dump memory for all registers, which for a register not containing
a valid pointer would typically consist of 16 lines of dashes.

One possible fix may be to replace the constant (4 << 60) with the
process's actual address space limit (known as TASK_SIZE inside the
kernel; typically 39 bits on AArch64 and 48 bits on x86_64), but the
kernel provides no API for retrieving a process's TASK_SIZE value. We
could guess it by looking at for example the highest bit set in the
value of getauxval(AT_EXECFN), which points to an address on the stack
which typically is mapped at the end of the address space on program
startup, but at least on AArch64 it is possible to dynamically extend
TASK_SIZE at runtime by providing a hint to mmap(), so this is not
always sufficient.

Instead, it seems best to remove most of the early bounds check, and
simply issue ptrace() calls for each register value, bailing out of
the entire output if none of the calls ended up succeeding. This also
has the nice side effect of avoiding 16 lines of noise per register
whose value looks like a pointer but actually points to unmapped
memory. We still retain part of the bounds check in order to avoid
integer overflow during the dump (including overflows into the tag
part of the address on architectures that support tagging).

Bug: 154272452
Change-Id: I94e4b7124b7735b92fd83a49c80ebded3483cd4e
2020-07-21 16:59:24 -07:00
Peter Collingbourne
d00a577c97 Statically link libminijail to debuggerd_test.
We do not install a 32-bit version of libminijail to 64/32 devices,
which means that "atest -a debuggerd_test" always fails on 32-bit.
Fix it by statically linking libminijail.

Change-Id: I1e5610d1353b4f5b718c1259825421c0c07d7c24
2020-07-21 16:59:24 -07:00
Peter Collingbourne
10e428dd77 Fix dumping of heap memory.
After r.android.com/1288984 we started failing to dump memory contents
for heap addresses because the tag started causing any addresses to
fail this bounds check. Add an untag_address() call to the bounds check
so that the tag is ignored.

Bug: 154272452
Change-Id: I3a6d1a078b21871bd93164150a123549f83289f6
2020-07-17 17:35:49 -07:00
Peter Collingbourne
bbe6905d7e Add stack trace coverage to MTE tests.
It's impractical to test the contents of the stack trace, but we
should at least test that *a* stack trace is present, which would
have caught the bug fixed by r.android.com/1306754 .

Bug: 135772972
Change-Id: Ic5e0b997caa53c7eeec4e5185df5c043c9d4fe3d
2020-05-08 10:14:47 -07:00
Peter Collingbourne
f86225206d Add support for MTE error reports in tombstones.
Teach debuggerd to use the new scudo APIs proposed in
https://reviews.llvm.org/D77283 for extracing MTE error reports from crashed
processes, and include those reports in tombstones if possible.

Bug: 135772972
Change-Id: I082dfd0ac9d781cfed2b8c34cc73562614bb0dbb
2020-04-27 13:15:49 -07:00
Tom Cherry
c5c6d7d326 Don't include log/log_read.h in log/log.h
log/log.h primarily concerns itself with writing logs.  The few users
who read logs should directly include log/log_read.h.

Bug: 78370064
Test: build
Change-Id: Ie95c55ea2ffc76fc95768323d445ada6ad4f2520
2020-04-17 15:31:34 -07:00
Josh Gao
c40a7515eb debuggerd: don't leave a zombie child if crash_dump is killed.
If crash_dump dies before it gets a chance to write to the pipe we use
to let the debugged-process know that it successfully started, we
weren't cleaning up the child we fork to start it, leaving a zombie
child.

Bug: http://b/152119184
Test: debuggerd_test
Change-Id: Id01cc05f693995e9998941774f74ab8e3d8b4d8a
2020-04-10 10:09:39 -07:00
Peter Collingbourne
cd63cae6b2 Merge "Read fault address on arm64 using proposed kernel API." 2020-03-30 21:40:58 +00:00
Peter Collingbourne
5677803cb7 Merge "Create a debugger_process_info data structure with the process info pointers." 2020-03-30 21:36:41 +00:00
Peter Collingbourne
e2b76c5b00 Merge "Move crash_dump into the runtime APEX." 2020-03-30 19:03:41 +00:00
Peter Collingbourne
f03af8844a Read fault address on arm64 using proposed kernel API.
On aarch64, the top 8 bits of the address (i.e. the tag bits) of
the fault address in si_addr are always clear. This isn't ideal for
MTE which will require these bits in order to correctly diagnose
tag mismatches.

A proposed kernel patch [1] exposes the full fault address including
the tag bits as part of the ucontext. Change debuggerd to read this
fault address if available.

[1] https://patchwork.kernel.org/patch/11435077/

Bug: 135772972
Change-Id: Ia05be574113860f4e9ecc36a310c4b740e0c4afb
2020-03-27 20:00:06 -07:00
Mitch Phillips
b9c072c551 Move PC-only unwind frame generation to libunwindstack.
GWP-ASan uses frame-pointer based unwinding internally on
allocation/deallocation to collect stack traces that are used when
crashes are reported.

This should be generic, so pull it out into libunwindstack so it can be
used by MTE as well.

Bug: 152412331
Test: atest debuggerd_test
Change-Id: I27b32263aac63446f5fe398af108676b70cd3971
2020-03-26 13:39:05 -07:00
Peter Collingbourne
f3d542fe9f Create a debugger_process_info data structure with the process info pointers.
Similar to r.android.com/1247247 I'll be adding more of them for MTE.

Also, change the protocol between the crasher and crash_dump to make
it easier to add new fields and change the referenced data structures
without needing to worry about versioning. The version number for
static executables is now always 1 (where the protocol will never
change), while the version number for dynamic executables is always
4 (where the protocol can change, because the linker and crash_dump
are version locked).

Bug: 135772972
Change-Id: Ib4696d0544d7c87cb429aaaa15f18c3640059e16
2020-03-24 17:23:15 -07:00
Tom Cherry
7581e86a72 Merge "Remove ANDROID_LOG_RDONLY, etc" 2020-03-24 21:00:57 +00:00
Tom Cherry
907b2d0349 Remove ANDROID_LOG_RDONLY, etc
These macros haven't been meaningful in years.

Test: logging unit tests
Change-Id: I796ec6d9b450f8a84bc85c3f15ddd988724c5e08
2020-03-23 13:43:27 -07:00
Martin Stjernholm
6d4e47a165 Merge "Remove use of static libdexfile to avoid linking in ART internal code." 2020-03-23 20:15:14 +00:00
Peter Collingbourne
5ac3927878 Make GetPcAdjustment a free function.
We're now using it in contexts that don't have all of the registers available,
such as GWP-ASan and soon MTE, so it doesn't make sense to have it be a
member function of Regs.

Bug: 135772972
Change-Id: I18b104ea0adb78588d7e475d0624cefc701ba52c
2020-03-19 17:51:20 -07:00
Martin Stjernholm
a2cc893044 Remove use of static libdexfile to avoid linking in ART internal code.
- Create a static library libunwindstack_no_dex without DEX support.
- Use it in libdebuggerd_handler_fallback, whose only use is in the
  linker, which shouldn't need that support.
- Use it in init_first_stage, which doesn't need DEX support either.
- Also need a libbacktrace_no_dex since it's in the dependency chain
  from init_first_stage to libunwindstack_no_dex.

Also restrict the *_no_dex libs and libdebuggerd_handler_fallback as
much as possible to avoid inadvertent use of these reduced
functionality libs.

Test: m init_first_stage on Cuttlefish
  where BOARD_BUILD_SYSTEM_ROOT_IMAGE=false
Test: m system_image com.android.runtime
Test: Build & boot
Test: atest linker-unit-tests libunwindstack_unit_test debuggerd_test
Bug: 142944931
Bug: 151466650
Change-Id: Iaacb29bfe602f3ca12a00a712e2a64c45ff0118b
2020-03-19 22:23:54 +00:00
Peter Collingbourne
b72e74810c Move crash_dump into the runtime APEX.
A future change will introduce a version lock between linker and
crash_dump. Move crash_dump into the runtime APEX alongside linker in order to
ensure that they will be the same version even if the runtime APEX is updated.

Bug: 135772972
Change-Id: Ic2eae31b6927eb0e8a62315ac141f50933c00bcc
Merged-In: Ic2eae31b6927eb0e8a62315ac141f50933c00bcc
2020-03-18 10:38:04 -07:00
Elliott Hughes
151e74894f Merge "debuggerd: add an opt-out for OEMs that would rather collect core dumps." 2020-03-06 17:17:51 +00:00
Peter Collingbourne
843f7e645d Create a ProcessInfo structure with the process-wide information from the crasher.
We're now passing around a couple of addresses for GWP-ASan in addition
to abort_msg_address and fdsan_table_address, and I'm going to need to add
more of them for MTE. Move them into a data structure in order to simplify
various function signatures.

Bug: 135772972
Change-Id: Ie01e1bd93a9ab64f21865f56574696825a6a125f
2020-02-28 19:12:19 -08:00
Elliott Hughes
530ab81e42 debuggerd: add an opt-out for OEMs that would rather collect core dumps.
On userdebug/eng devices, check a system property to see whether we
should create tombstones or not. OEMs that would rather have core dumps
can set this property and configure /proc/sys/kernel/core_pattern
appropriately.

Bug: https://issuetracker.google.com/149663286
Test: set the property, cause a crash
Change-Id: If894b4582a1820b64bdae819cec593b7710cb6e3
2020-02-25 09:28:24 -08:00
Elliott Hughes
f77f6f003c Remove various bits of dead code and unused workarounds.
Test: treehugger
Change-Id: I68fcd5da304d04ff4da3c3f3712fb79ce6b5791e
Merged-In: I68fcd5da304d04ff4da3c3f3712fb79ce6b5791e
2020-02-22 16:53:24 +00:00
Mitch Phillips
e0b4bb1b2e [GWP-ASan] Add GWP-ASan information to tombstones.
GWP-ASan can provide information about a crash that it caused. Grab the
GWP-ASan regions from the globals shared by the linker for crash-handler
purpopses, pull the information from GWP-ASan, and display it.

This adds two regions:
 1. Causality tracking by GWP-ASan. We now print a cause header about
 the crash, like `Cause: [GWP-ASan]: Use After Free on a 1-byte
 allocation at 0x7365bb3ff8`
 2. Allocation and deallocation stack traces.

Bug: 135634846
Test: atest debuggerd_test

Change-Id: Id28d5400c9a9a053fcde83a4788f971e677d4643
2020-02-18 16:49:50 -08:00
Ray Essick
bd3ba782f2 build crash_dump.policy files using Android.bp
use Android.bp instead of Android.mk to build and install the
crash_dump.policy files. This also allows mainline modules to pull
the files into their apex (dependency wasn't handled for Android.mk)

Bug: 147914640
Test: build, examine generated filesystem
Change-Id: Iae92d4f9d683ccfddf1716e7eb2877b7bff0c737
2020-02-03 08:57:46 -08:00
Elliott Hughes
f8c0350eaa Merge "debuggerd: remove the raw stack dump." 2020-01-23 16:07:42 +00:00
Elliott Hughes
627928e059 debuggerd: remove the raw stack dump.
This takes a lot of space, isn't convincingly useful, and makes it
likely that the far more valuable stuff that comes after it gets
truncated. So let's just drop it.

Bug: http://b/139860930
Test: manual crasher, presubmit
Change-Id: Ie417ffc07e3cb17e95fdb3d183f8c87de0f34b89
2020-01-22 14:13:46 -08:00
Josh Gao
55c7ed4e2e debuggerd_handler: increase thread stack size.
1 page isn't enough to log on AArch64, and clean pages are free, so
increase the stack size to 8 pages.

Bug: http://b/144887737
Test: treehugger
Change-Id: I731b3bc27ab37f4b830a9478a04cd34d4f7648d3
2020-01-17 17:25:30 -08:00
Steven Moreland
e40e4270e8 remove deprecated bp 'subdirs'
noticed some, so thought I would remove them everywhere here

Bug: N/A
Test: N/A
Change-Id: I2978673b158d6c253914ea22f7f0129e446a5f91
2020-01-14 12:18:40 -08:00
Josh Gao
a48b41bcb8 debuggerd: switch to using platform headers for DEBUGGER_SIGNAL.
Test: treehugger
Change-Id: Ie9736c4a077dba1029d2352bd94d47ce07323aec
2019-12-17 16:36:05 -08:00
Treehugger Robot
82a31b8749 Merge "Add variadic logging to libdebuggerd internal." 2019-11-19 19:04:55 +00:00
Mitch Phillips
aadebd8982 Add variadic logging to libdebuggerd internal.
GWP-ASan's crash information retrieval services requires a Printf()
function (declared by the system/implementing allocator). In this
instance, because _LOG is called with additional arguments (the log_t),
this function must be wrapped to conform to printf_t defined by
GWP-ASan.

We can easily wrap the variadic version.

Bug: 135634846
Test: atest debuggerd_test
Change-Id: I17209cd2b7455ce889e2f8194969f606cac329eb
2019-11-19 09:49:05 -08:00
Treehugger Robot
ba5351692e Merge "Include PSTATE in tombstones on arm64." 2019-11-19 14:07:37 +00:00
Peter Collingbourne
bb2f941f57 Include PSTATE in tombstones on arm64.
A thread's PSTATE can sometimes be critical for understanding a crash,
especially with MTE and other new features that store per-thread state
in PSTATE.

Bug: 135772972
Change-Id: I1bee25bffe7eea395f04b6449dc9227298cf866e
2019-11-18 17:57:37 -08:00
Tom Cherry
441054aa1e Remove old logger_entry_v* formats
logger_entry and logger_entry_v2 were used for the kernel logger,
which we have long since deprecated.  logger_entry_v3 is the same as
logger_entry_v4 without a uid field, so it is trivially removable,
especially since we're now always providing uids in log messages.

liblog and logd already get updated in sync with each other, so we
have no reason for backwards compatibility with their format.

Test: build, unit tests
Change-Id: I27c90609f28c8d826e5614fdb3fe59bde22b5042
2019-10-24 10:53:14 -07:00
Treehugger Robot
ecc9b1bd7f Merge "debuggerd_client_test: massively increase timeouts." 2019-10-17 21:33:46 +00:00
Josh Gao
f10d4a15d2 debuggerd_client_test: massively increase timeouts.
debuggerd_client.race seems to have suddenly started to flake, for no
apparent reason. This doesn't seem to reproduce locally, so increase
the timeouts to rule out our test VMs being slow.

Bug: http://b/142571257
Test: treehugger
Change-Id: Ic54a78b8da36cb1163cec7e7976c73c3da628a30
2019-10-17 12:09:49 -07:00
Nick Desaulniers
67d52aa0f6 [debuggerd] fix -Wreorder-init-list
C++20 wants members to be ordered unlike C99.

Bug: 139945549
Test: mm
Change-Id: I3cbca589511c1e0bbc10c691949e18de77e16031
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
2019-10-10 14:54:35 -07:00
Elliott Hughes
ec220cd877 debuggerd: increase the default limit on tombstones to 32.
We're missing useful crashes, especially on hwasan builds.

Bug: http://b/140580637
Test: run crasher
Change-Id: Ib5d8d3bd3fc4d7fec77d0b10302e5595f97a3515
2019-09-26 14:36:01 -07:00
Christopher Ferris
11555f0961 Increase timeouts.
There is still some flakiness, so increase the timeout values.
Also remove the TEMP_FAILURE_RETRY macro usage in TIMEOUT calls.
That macro disables the ability of the alarm code to interrupt
the system call.

Bug: 141045754

Test: Unit tests pass.
Change-Id: Ia3c95dccc3076a3fd5ef6432097a57e4ccee4df3
2019-09-20 15:07:03 -07:00
Christopher Ferris
172b0a0834 Add TEMP_FAILURE_RETRY where appropriate.
Bug: 141045754

Test: Ran unit tests in a loop on walleye and cuttlefish.
Change-Id: I87b912e76889ed207ab17b862e4786ee44a382ba
2019-09-18 19:05:25 -07:00
Christopher Ferris
ab60668ef4 Allow getrlimit/ugetrlimit syscalls in tests.
The fdsan code uses getrlimit/ugetrlimit so need to allow that when
running the debuggerd unit tests.

Bug: 141045754

Test: Ran the offending tests hundreds of times without failure.
Change-Id: Iece94f03e7895d61ca8a8f3ab17dce7e54ddf9cd
2019-09-17 15:31:47 -07:00
Josh Gao
6cad139bcc Mark some tests as requiring root.
Bug: http://b/140123924
Test: mma
Change-Id: I3ad277179018631c50d9295cdb173dd9dfa7ac59
2019-08-27 16:09:32 -07:00
Josh Gao
8ad965ae5e tombstoned: start immediately after /data is mounted.
Catch as many early-boot crashes as we can by starting tombstoned
immediately after /data is mounted.

Bug: http://b/139864948
Test: adb shell su 0 dmesg | grep "starting service"
Change-Id: I7f8821102191a445e87020f3efa59a2e0620d9db
2019-08-22 15:19:44 -07:00
Treehugger Robot
44e343837f Merge "Add wchan data to ANR dump" 2019-07-20 16:40:54 +00:00
Kalesh Singh
1489e27bda Add wchan data to ANR dump
Since only privileged processes with CAP_SYS_ADMIN can read kernel
stack traces from /proc/*/stack, we dump the waiting channels
instead to provide some insight as to where the process might
be stuck in the kernel.

Bug: 135458700
Fixes: 135458700
Test: adb shell am hang; Check /data/anr/<anr-file> for
      wchan data.
Change-Id: I9f13511ad89a259ce5e5465155db15d45d2c46d8
2019-07-18 16:02:57 -07:00
Christopher Ferris
481e8379d3 Add cause message when stack overflow is detected.
Test: Ran new unit tests.
Test: Ran crasher stack-overflow, crasher64 stack-overflow and verified
Test: stack overflow cause is shown.
Test: Ran stack overflow app and verified tombstone includes stack-overflow
Test: message.
Change-Id: I9bb01186dff5ed81c77d84b6aaedb5332ddd7256
2019-07-17 14:14:26 -07:00
Christopher Ferris
afc0ff7fe0 Increase timeout to avoid flaky tests.
Also, print extra information when an error occurs.

Test: Ran unit tests.
Change-Id: I3404549db0ac18a4a82a99b2620556db96376bca
2019-06-26 15:08:51 -07:00
Josh Gao
5df504c5f8 crash_dump: populate uid field.
Bug: http://b/132359035
Test: manual
Change-Id: I99d8446024fc2d9395132dea45f03317976a9b62
2019-05-09 12:49:57 -07:00
Misha Wagner
39c5b8c21c Add UID printing to tombstone headers
This is for Android Telemetry to be able to categorise the processes
that produce tombstones.

Test: atest debugerd_test:TombstoneTest

Change-Id: Ie635347c9839eb58bfd27739050bd68cbdbf98da
2019-04-23 09:53:07 +01:00
Christopher Ferris
4ae266ccbd Add indicator that an elf is memory backed.
Modify the unwinder library to indicate that at least one of the stack
frames contains an elf file that is unreadable.

Modify debuggerd to display a note about the unreadable frame and a possible
way to fix it.

Bug: 129769339

Test: New unit tests pass.
Test: Ran an app that crashes and has an unreadable file and verified the
Test: message is displayed. Then setenforce 0 and verify the message is
Test: not displayed.
Change-Id: Ibc4fe1d117e9b5840290454e90914ddc698d3cc2
2019-04-18 15:37:52 -07:00
Treehugger Robot
371180bb72 Merge "debuggerd: call setsid in our children." 2019-04-16 23:29:04 +00:00
Josh Gao
18cb681247 debuggerd: call setsid in our children.
There appears to be a kernel bug that causes SIGHUP and SIGCONT to be
sent to the parent process group we spawn from if the process group
contains stopped jobs (e.g. the parent itself, because of wait_for_gdb).

Call setsid in all of our children to prevent this from happening.

Bug: http://b/31124563
Test: adb shell 'setprop debug.debuggerd.wait_for_gdb 1; killall -ABRT surfaceflinger'
Change-Id: I1a48d70886880a5bfbe2deb80d48deece55faf09
2019-04-16 13:17:08 -07:00
Treehugger Robot
e1d4648f46 Merge "crasher: add execute-only memory ("xom")." 2019-04-16 12:28:25 +00:00
Elliott Hughes
dd04c658c3 crasher: add execute-only memory ("xom").
Test: `crasher thread-xom`
Change-Id: Ia121848df966040968370e1e9cb840034d780e4f
2019-04-15 13:03:48 -07:00
Christopher Ferris
3336c7bce0 Remove include of backtrace/Backtrace.h.
Somehow the code was still including this include from libbacktrace.
I think the libbacktrace include directory was coming from some
transitive includes. I verified that nothing in debuggerd is using
the libbacktace.so shared library.

Bug: 120606663

Test: Builds, unit tests pass.
Change-Id: I85c2837c5a539ccefc5a7140949988058d21697a
2019-04-08 17:18:24 -07:00
David Srbecky
b9cc4fbb26 Revert "Check for data races when reading JIT/DEX entries."
This reverts commit 85b5fecec9.

Reason for revert: Breaks ART tests, reverting to investigate.

Change-Id: I1bb905407e87cbd4f832646651133a9caf6fcfc8
2019-04-05 18:23:32 +00:00
David Srbecky
85b5fecec9 Check for data races when reading JIT/DEX entries.
Update the entries only when the list is modified by the runtime.

Check that the list wasn't concurrently modified when being read.

Bug: 124287208
Test: libunwindstack_test
Test: art/test.py -b --host -r -t 137-cfi
Change-Id: I87ba70322053a01b3d5be1fdf6310e1dc21bb084
2019-03-29 14:01:32 +00:00
Christopher Ferris
7813345faa Add BuildId to frame information.
Update debuggerd to print BuildId information by default.

Bug: 120975492

Test: New unit tests pass.
Test: debuggerd -b <PID> shows build id information.
Test: tombstones include build id information.
Change-Id: I019b031113d0b77385516223c63455b868924440
2019-03-26 08:04:40 -07:00
Josh Gao
5e8d68c2b2 debuggerd_handler: demote abort on exec failure to log.
If a process is ptraced already, we might not be able to exec crash_dump
due to selinux. Since we can be called for non-fatal events, we
shouldn't abort in that case.

Bug: http://b/128054996
Test: treehugger
Change-Id: I1442041caa7af908df2ab87b9e010c44082e7587
2019-03-18 14:39:47 -07:00
Florian Mayer
3d67d347f5 Fix copy / move behaviour of Maps object.
Currently, moving or copying a Maps object leads to double free of MapInfo.

Even moving a Maps object  did not prevent this, as after a move
the object only has to be in an "unspecified but valid state", which can
be the original state for a vector of raw pointers (but not for a vector
of unique_ptrs).

Changing to unique_ptrs is the most failsafe way to make sure we never
accidentally destruct MapInfo.

Test: atest libuwindstack_test
      Failed LocalUnwinderTest#unwind_after_dlopen which also fails at master.

Change-Id: Id1c9739b334da5c1ba532fd55366e115940a66d3
2019-03-05 13:05:36 +00:00
Martin Stjernholm
852b64e549 Fix libdexfile dependencies to avoid direct dependency on libdexfile_external.
It should be dlopen'ed lazily by libdexfile_support now.

Also change debuggerd_test to not link libunwindstack and its dependencies
statically - the static libs can overlap with the dynamic ones.

Test: mmma system/core/debuggerd/
Test: atest debuggerd_test
Test: mmma system/core/{libunwindstack,libbacktrace}, run host gtests (cannot get atest to work)
Bug: 124827589
Bug: 123186083
Change-Id: I9e7bf9bcbae499af4e1be4c9854bce441e2a7b55
2019-02-24 22:04:11 +00:00
Josh Gao
8954d0bc98 Merge changes from topic "base_cmsg"
* changes:
  adb: switch to base::{Send,Receive}FileDescriptors.
  debuggerd: switch to base::{Send,Receive}FileDescriptors.
  base: add helpers for sending/receiving file descriptors.
2019-02-19 20:53:01 +00:00
Josh Gao
5f87bbdb0a debuggerd: switch to base::{Send,Receive}FileDescriptors.
Bug: http://b/12204763
Test: debuggerd_test
Change-Id: I0be40916214de51ab36fd6bd6d44090a84312e51
2019-02-13 13:21:54 -08:00
Martin Stjernholm
e31cfb609d Use new static target for libdexfile_support.
This is necessary since the dynamic one is now using dlopen(), which isn't
available in static builds.

Test: m
Test: mmma system/core/{libunwindstack,libbacktrace}, run host gtests (cannot get atest to work)
Bug: 123403798
Bug: 123186083
Change-Id: I06a9cdfe7e7cc01427ffd54b66c8ebab88782260
2019-02-12 22:03:48 +00:00
Christopher Ferris
60eb19795b Replace libbacktrace with libunwindstack directly.
Small modifications to the dump_stack method and added unit tests to
verify the output.

Bug: 120606663

Test: Unit tests pass, debuggerd run on processes on target.
Change-Id: Id385a915b751abda3dd6baebed6c3ce498c3bf6e
2019-01-29 17:57:14 -08:00
Greg Kaiser
3fa9a59ea3 debuggerd: Fix return type in error case
With our method returning 'bool', a "return -1" is interpretted
as 'true'.  We change this to an explicit 'false', as desired.

Test: TreeHugger
Change-Id: I222858b797bc4242a2dc6d4fe81df3d2586d055a
2019-01-08 06:29:22 -08:00
Josh Gao
4175cee3cc debuggerd_client: resolve tid to tgid when dumping Java stacks.
Bug: http://b/121438213
Test: debuggerd_test32
Test: debuggerd_test64
Change-Id: I4d114c8b0c4586ba64de5b45b47b0ec5c10354f8
2019-01-04 13:57:09 -08:00
Martin Stjernholm
bb4f2b440a Revert^2 "Use libdexfile external API in libunwindstack."
This reverts commit cacf5bf6bc.

Reason for revert: Re-apply with proper fix for VNDK visibility on marlin and sailfish.

Test: Manual repro of http://b/121110092#comment1 on reported branch
Test: atest CtsRenderscriptTestCases
Test: mmma system/core/{libunwindstack,libbacktrace}, run host gtests
Test: Make image, flash, and reboot device.
Test: Forrest cts/art/gce-all: https://android-build.googleplex.com/builds/forrest/run/L00300000240828791
Test: Forrest cts/bionic/gce-all: https://android-build.googleplex.com/builds/forrest/run/L05600000240682947 (shows 27/2958 failed, but it doesn't pass on Blackbox either: http://screen/xbjioEf6UgR)
Test: Forrest cts/renderscript/gce-all: https://android-build.googleplex.com/builds/forrest/run/L66200000240680523
Bug: 119632407
Change-Id: I601aa97eac8127e30d753405f8bc1fc4ae7f849f
2018-12-19 21:04:35 +00:00
Martin Stjernholm
cacf5bf6bc Revert "Use libdexfile external API in libunwindstack."
This reverts commit 444e23d2fc.

The rest of the topic doesn't need to be reverted.

Reason for revert: Breaks renderscript on marlin and sailfish.

Test: Manual repro of http://b/121110092#comment1 on reported branch
Test: "atest CtsRenderscriptTestCases" on that branch
Test: mmma system/core/{libunwindstack,libbacktrace}, run host gtests
Test: Make image, flash, and reboot device.
Bug: 121110092, 119632407
Change-Id: If1976b19ce386c95bc5bd4fd6d523745c167de18
2018-12-19 00:11:04 +00:00
Josh Gao
ac64da1637 Merge "libdebuggerd: add timestamp to tombstones." 2018-12-15 00:12:24 +00:00
Josh Gao
6f4644d15b libdebuggerd: add timestamp to tombstones.
Bug: http://b/120099273
Test: debuggerd_test
Change-Id: I457506f8d9920d969e1eba0265f85693b484f1a9
2018-12-14 13:29:52 -08:00
Martin Stjernholm
444e23d2fc Use libdexfile external API in libunwindstack.
Test: mmma system/core/{libunwindstack,libbacktrace}, run host gtests
Test: Make image, flash, and reboot device.
Bug: 119632407
Change-Id: I370f089a1b20ba432e136818b4325d46f99df708
2018-12-13 17:58:23 +00:00