Commit graph

37 commits

Author SHA1 Message Date
Elliott Hughes
1b13b14758 crasher: add pac and bti crashes.
Also add the missing `.size` directives to all the assembler functions
for slightly improved backtraces.

Test: crasher64 pac; crasher64 bti
Change-Id: I8e0c127cbff56c33637e6ca8f1d927b971951807
2023-08-08 16:06:24 -07:00
Kelvin Zhang
786dac3d50 Update some fs_mgr/debuggerd to use getpagesize() instead of PAGE_SIZE
Test: th
Bug: 279808236
Change-Id: I9d30cfe19d2b1a7d624cc5425e4315dc6e3b2ad2
2023-06-27 10:50:07 -07:00
zijunzhao
fa8037c207 Handle with the nonnull case in a tricky way
The func readdir() is not allowed to pass a nullptr.
Bug: b/245972273
Test: mm

Change-Id: Idbb3f552b026dc6d727886d22989d3359ed6633b
2023-03-31 23:50:37 +00:00
Elliott Hughes
7e82c0037b riscv64: fix mips-ism.
r29 is the stack pointer on mips, but it's x2 on riscv64 (and the git
history shows that this was indeed copy & pasted from the mips code)
and since bionic always sets up a signal stack with sigaltstack() I
doubt the comment was relevant even on mips (but no-one ever used it,
so who'd know?).

While I'm here, stop using decimal arithmetic --- the whole point was to
have each register contain the value that was obviously appropriate for
that register. (riscv64's mips-like mess of registers all over the place
means that's not going to be super readable, but there's no reason to
make it worse.)

Also, even though I personally prefer the 0xdead from the old mips code,
everyone else is using 0xa5a5, so let's make riscv64 match the others.

Test: treehugger
Change-Id: Ibbae821bc0a02e07164147d621e342224528c2c9
2023-03-20 16:08:15 -07:00
Elliott Hughes
fa4dd04889 Merge "Fix riscv64's crash glue." 2023-03-20 22:16:50 +00:00
Treehugger Robot
a4aab52663 Merge "Remove floating point register cruft." 2023-03-18 00:15:36 +00:00
Elliott Hughes
d284414786 Fix riscv64's crash glue.
When this was translated to riscv64, someone "fixed" the crashing bugs
that were the whole point of these two functions. Fix them back so they
actually crash, and add the CFI directives.

Test: treehugger
Change-Id: I312c51fa4c893d27b0f4e39383521657a5870a0d
2023-03-17 00:42:15 +00:00
Elliott Hughes
d5c90b0337 Match the arm/arm64 style in the x86/x86-64 files.
Test: treehugger
Change-Id: Id67cfeab293c7530aa1905a39455e8513d51e978
2023-03-17 00:40:26 +00:00
Elliott Hughes
f9cd73f851 Remove floating point register cruft.
We stopped showing floating point registers years ago, but some cruft
remains.

Test: treehugger
Change-Id: Ib89032db90a31a49d090bc5d99f9c401af734e7a
2023-03-17 00:38:26 +00:00
Christopher Ferris
4761355a54 Fix unwind information for crash assembler.
Test: Crash on arm, arm64, x86, x86_64 and verified full stack is
Test: found in tombstone.
Change-Id: I809ec66d6ce9af378c8e8b04cc1c85b51a61779f
2023-03-13 14:44:22 -07:00
zijunzhao
f5e1533f2f Suppress the error warning
Bug: https://android-build.googleplex.com/builds/pending/P51300433/aosp_bramble-userdebug/latest/view/logs/build_error.log
Test: None
Change-Id: I2fbd3d8772c50ed9de1c2ba9eb2234966c7dcb84
2023-03-08 02:40:09 +00:00
Chih-Hung Hsieh
3ec1e81425 Suppress clang-tidy on crasher.cpp
* Intentional crash test code with null/free/escape warnings.

Test: make tidy-system-core-debuggerd_subset
Change-Id: Ib1255c17a374729c82aa246c6a59156dbc4e1b77
2022-12-05 11:28:40 -08:00
Elliott Hughes
7a30483996 Clean up some unneeded non-neon support.
It's 2022.

Test: treehugger
Change-Id: If7feede199545cf36ae4759b635a56d1421e505f
2022-10-31 15:38:01 +00:00
Xia Lifang
b13a10bb5d Add riscv64 support for debuggerd/crasher
Signed-off-by: Xia Lifang <lifang_xia@linux.alibaba.com>
Signed-off-by: Mao Han <han_mao@linux.alibaba.com>
Change-Id: I521c6da61cf2f6f67a73febf368068c430d94cdb
2022-10-12 22:30:27 +00:00
Christopher Ferris
4f600fe073 Add two new crash commands.
One is intentionally setting the abort message. The other is to set
the abort message to null.

Also, make the libseccomp_policy static so that the crasher
executable can be copied to the system afterwards without
requiring libseccomp_policy.so.

Test: Ran both new crash commands on device.
Test: Ran the seccomp crash command to verify seccomp still works.
Change-Id: I255b5f37e6eb188719e5b72302ca3f5911c8d821
2022-04-13 16:38:16 -07:00
Pirama Arumuga Nainar
982e2a5018 Ignore deliberate free() of non-heap memory
Bug: http://b/181927912

Clang already has -Wfree-nonheap-object but it became a default warning
with clang-r416183

Test: compile crasher.cpp
Change-Id: Ice532e9f373a628e07acd08a4fc7bfa7cf5d4e08
2021-03-16 18:16:15 -07:00
Bob Badour
d69ad69a93 [LSC] Add LOCAL_LICENSE_KINDS to system/core
Added SPDX-license-identifier-Apache-2.0 to:
  bootstat/Android.bp
  cli-test/Android.bp
  code_coverage/Android.bp
  cpio/Android.bp
  debuggerd/crasher/Android.bp
  debuggerd/proto/Android.bp
  diagnose_usb/Android.bp
  fs_mgr/libdm/Android.bp
  fs_mgr/libfiemap/Android.bp
  fs_mgr/liblp/Android.bp
  fs_mgr/libsnapshot/Android.bp
  fs_mgr/libstorage_literals/Android.bp
  fs_mgr/libvbmeta/Android.bp
  fs_mgr/tests/Android.bp
  fs_mgr/tools/Android.bp
  gatekeeperd/Android.bp
  healthd/Android.bp
  healthd/testdata/Android.bp
  init/Android.bp
  init/Android.mk
  init/sysprop/Android.bp
  init/test_kill_services/Android.bp
  init/test_service/Android.bp
  libappfuse/Android.bp
  libasyncio/Android.bp
  libbinderwrapper/Android.bp
  libcrypto_utils/Android.bp
  libcrypto_utils/tests/Android.bp
  libdiskconfig/Android.bp
  libgrallocusage/Android.bp
  libkeyutils/mini_keyctl/Android.bp
  libmodprobe/Android.bp
  libnetutils/Android.bp
  libpackagelistparser/Android.bp
  libprocessgroup/Android.bp
  libprocessgroup/cgrouprc/Android.bp
  libprocessgroup/cgrouprc_format/Android.bp
  libprocessgroup/profiles/Android.bp
  libprocessgroup/setup/Android.bp
  libqtaguid/Android.bp
  libsparse/Android.bp
  libstats/push_compat/Android.bp
  libsuspend/Android.bp
  libsync/Android.bp
  libsystem/Android.bp
  libsysutils/Android.bp
  libusbhost/Android.bp
  libutils/Android.bp
  libvndksupport/Android.bp
  libvndksupport/tests/Android.bp
  llkd/Android.bp
  llkd/tests/Android.bp
  property_service/libpropertyinfoparser/Android.bp
  property_service/libpropertyinfoserializer/Android.bp
  property_service/property_info_checker/Android.bp
  qemu_pipe/Android.bp
  reboot/Android.bp
  rootdir/Android.bp
  rootdir/Android.mk
  rootdir/avb/Android.bp
  rootdir/avb/Android.mk
  run-as/Android.bp
  sdcard/Android.bp
  set-verity-state/Android.bp
  shell_and_utilities/Android.bp
  storaged/Android.bp
  toolbox/Android.bp
  trusty/apploader/Android.bp
  trusty/confirmationui/Android.bp
  trusty/confirmationui/fuzz/Android.bp
  trusty/coverage/Android.bp
  trusty/fuzz/Android.bp
  trusty/fuzz/test/Android.bp
  trusty/gatekeeper/Android.bp
  trusty/gatekeeper/fuzz/Android.bp
  trusty/keymaster/Android.bp
  trusty/keymaster/fuzz/Android.bp
  trusty/libtrusty/Android.bp
  trusty/libtrusty/tipc-test/Android.bp
  trusty/secure_dpu/Android.bp
  trusty/storage/interface/Android.bp
  trusty/storage/lib/Android.bp
  trusty/storage/proxy/Android.bp
  trusty/storage/tests/Android.bp
  trusty/utils/spiproxyd/Android.bp
  trusty/utils/trusty-ut-ctrl/Android.bp
  usbd/Android.bp
  watchdogd/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  debuggerd/Android.bp
  fastboot/Android.bp
  libkeyutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-MIT
to:
  libcutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-MIT
to:
  fs_mgr/Android.bp
  fs_mgr/libfs_avb/Android.bp
  trusty/Android.bp
  trusty/utils/rpmb_dev/Android.bp

Added SPDX-license-identifier-BSD
to:
  fastboot/fuzzy_fastboot/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: Id740a7d2884556081fdb68876584b25eb95e1bef
2021-02-19 12:59:05 -08:00
Elliott Hughes
c3a206ccda Revert "[LSC] Add LOCAL_LICENSE_KINDS to system/core"
This reverts commit 187b7d1950.

Reason for revert: system/core is multiple projects, not one.

Change-Id: I790ea41741f8cd9b8b6db2f59a49e71fb0958fd6
2021-02-16 20:01:20 +00:00
Bob Badour
187b7d1950 [LSC] Add LOCAL_LICENSE_KINDS to system/core
Added SPDX-license-identifier-Apache-2.0 to:
  bootstat/Android.bp
  cli-test/Android.bp
  code_coverage/Android.bp
  cpio/Android.bp
  debuggerd/crasher/Android.bp
  debuggerd/proto/Android.bp
  diagnose_usb/Android.bp
  fs_mgr/libdm/Android.bp
  fs_mgr/libfiemap/Android.bp
  fs_mgr/liblp/Android.bp
  fs_mgr/libsnapshot/Android.bp
  fs_mgr/libstorage_literals/Android.bp
  fs_mgr/libvbmeta/Android.bp
  fs_mgr/tests/Android.bp
  fs_mgr/tools/Android.bp
  gatekeeperd/Android.bp
  healthd/Android.bp
  healthd/testdata/Android.bp
  init/Android.bp
  init/Android.mk
  init/sysprop/Android.bp
  init/test_kill_services/Android.bp
  init/test_service/Android.bp
  libappfuse/Android.bp
  libasyncio/Android.bp
  libbinderwrapper/Android.bp
  libcrypto_utils/Android.bp
  libcrypto_utils/tests/Android.bp
  libdiskconfig/Android.bp
  libgrallocusage/Android.bp
  libkeyutils/mini_keyctl/Android.bp
  libmodprobe/Android.bp
  libnetutils/Android.bp
  libpackagelistparser/Android.bp
  libprocessgroup/Android.bp
  libprocessgroup/cgrouprc/Android.bp
  libprocessgroup/cgrouprc_format/Android.bp
  libprocessgroup/profiles/Android.bp
  libprocessgroup/setup/Android.bp
  libqtaguid/Android.bp
  libsparse/Android.bp
  libstats/push_compat/Android.bp
  libsuspend/Android.bp
  libsync/Android.bp
  libsystem/Android.bp
  libsysutils/Android.bp
  libusbhost/Android.bp
  libutils/Android.bp
  libvndksupport/Android.bp
  libvndksupport/tests/Android.bp
  llkd/Android.bp
  llkd/tests/Android.bp
  property_service/libpropertyinfoparser/Android.bp
  property_service/libpropertyinfoserializer/Android.bp
  property_service/property_info_checker/Android.bp
  qemu_pipe/Android.bp
  reboot/Android.bp
  rootdir/Android.bp
  rootdir/Android.mk
  rootdir/avb/Android.bp
  rootdir/avb/Android.mk
  run-as/Android.bp
  sdcard/Android.bp
  set-verity-state/Android.bp
  shell_and_utilities/Android.bp
  storaged/Android.bp
  toolbox/Android.bp
  trusty/apploader/Android.bp
  trusty/confirmationui/Android.bp
  trusty/confirmationui/fuzz/Android.bp
  trusty/coverage/Android.bp
  trusty/fuzz/Android.bp
  trusty/fuzz/test/Android.bp
  trusty/gatekeeper/Android.bp
  trusty/gatekeeper/fuzz/Android.bp
  trusty/keymaster/Android.bp
  trusty/keymaster/fuzz/Android.bp
  trusty/libtrusty/Android.bp
  trusty/libtrusty/tipc-test/Android.bp
  trusty/secure_dpu/Android.bp
  trusty/storage/interface/Android.bp
  trusty/storage/lib/Android.bp
  trusty/storage/proxy/Android.bp
  trusty/storage/tests/Android.bp
  trusty/utils/spiproxyd/Android.bp
  trusty/utils/trusty-ut-ctrl/Android.bp
  usbd/Android.bp
  watchdogd/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  debuggerd/Android.bp
  fastboot/Android.bp
  libkeyutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-MIT
to:
  Android.bp
  libcutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-MIT
to:
  fs_mgr/Android.bp
  fs_mgr/libfs_avb/Android.bp
  trusty/utils/rpmb_dev/Android.bp

Added SPDX-license-identifier-BSD
to:
  fastboot/fuzzy_fastboot/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: I5bd81adb5cdcf2b4dd4141b204eb430ff526af8f
2021-02-16 04:10:03 -08:00
Peter Collingbourne
f3d542fe9f Create a debugger_process_info data structure with the process info pointers.
Similar to r.android.com/1247247 I'll be adding more of them for MTE.

Also, change the protocol between the crasher and crash_dump to make
it easier to add new fields and change the referenced data structures
without needing to worry about versioning. The version number for
static executables is now always 1 (where the protocol will never
change), while the version number for dynamic executables is always
4 (where the protocol can change, because the linker and crash_dump
are version locked).

Bug: 135772972
Change-Id: Ib4696d0544d7c87cb429aaaa15f18c3640059e16
2020-03-24 17:23:15 -07:00
Elliott Hughes
f77f6f003c Remove various bits of dead code and unused workarounds.
Test: treehugger
Change-Id: I68fcd5da304d04ff4da3c3f3712fb79ce6b5791e
Merged-In: I68fcd5da304d04ff4da3c3f3712fb79ce6b5791e
2020-02-22 16:53:24 +00:00
Josh Gao
a48b41bcb8 debuggerd: switch to using platform headers for DEBUGGER_SIGNAL.
Test: treehugger
Change-Id: Ie9736c4a077dba1029d2352bd94d47ce07323aec
2019-12-17 16:36:05 -08:00
Elliott Hughes
dd04c658c3 crasher: add execute-only memory ("xom").
Test: `crasher thread-xom`
Change-Id: Ia121848df966040968370e1e9cb840034d780e4f
2019-04-15 13:03:48 -07:00
Stephen Hines
8395de6927 Fix two clang-tidy issues in crasher.cpp.
TEMP_FAILURE_RETRY's result was unused for the call to read(), so now
mark it as such to silence a possible unused result warning. For
__read_chk(), this function is an internal implementation detail of
FORTIFY in Bionic. Under clang-tidy, FORTIFY checks are actually
removed, so this now results in an unknown function being called. The
code should not be explicitly depending on an implementation detail, but
we can just suppress the failing case to retain test coverage of the
actual implementation.

Bug: http://b/110779387
Test: Build using WITH_TIDY=1
Change-Id: If83ac1d6f3b6dc32c0d0fb56d8e675e53b586f78
2018-09-24 13:18:22 -07:00
Josh Gao
3fa9637e81 crasher: add close(fileno(FILE*)) and close(dirfd(DIR*)).
Add some cases to trigger fdsan aborts.

Test: crasher fdsan_file; crasher fdsan_dir
Change-Id: I48152d333dc25900f1c8d8e0f2e8728154643508
2018-07-18 18:11:46 -07:00
Elliott Hughes
2baf443a21 Improve SIGILL support.
Include the illegal instruction in the header if we get a
SIGILL. Otherwise (since these tend to be one-off bit flips), we don't
usually have any information to try to confirm our suspicion that any
given instance is actually a one-off bit flip.

Also add `SIGILL` as a crasher option to easily generate such crashes.

Before:
  signal 4 (SIGILL), code 1 (ILL_ILLOPC), fault addr 0xab1456da

After:
  signal 4 (SIGILL), code 1 (ILL_ILLOPC), fault addr 0xab1456da (*pc=0xe7f0def0)

Bug: http://b/77274448
Test: ran crasher
Change-Id: I5f8dedca5eea2b117b1b1e48430214b38e1366ed
2018-05-30 12:58:43 -07:00
Victor Hsieh
9a0e12d405 Change seccomp to the system filter
Test: build
Bug: 63944145
Change-Id: I55da5354b90def14b024add7979099189943d9e6
2017-12-22 14:35:28 -08:00
Chih-Hung Hsieh
122352d983 Use -Werror in system/core
* Move -Wall -Werror from cppflags to cflags.
* Fix/suppress warning on unused variables.

Bug: 66996870
Test: build with WITH_TIDY=1
Change-Id: I1e05e96a1d0bcb2ccef1ce456504b3af57167cc5
2017-11-01 11:32:55 -07:00
Christopher Ferris
b9de87f7ed Add a new unwind method on error.
If a function crashes by jumping into unexecutable code, the old method
could not unwind through that. Add a fallback method to set the pc from
the default return address location.

In addition, add a new finished check for steps. This will provide a method
to indicate that this step is the last step. This prevents cases where
the fallback method might be triggered incorrectly.

Update the libbacktrace code to unwind using the new methodology.

Update the unwind tool to use the new unwind methodology.

Add a new option to crasher that calls through a null function.

Create a new object, Unwinder, that encapsulates a basic unwind. For now,
libbacktrace will still use the custom code.

Added new unit tests to cover the new cases. Also add a test that
crashes calling a nullptr as a function, and then has call frames in
the signal stack.

Bug: 65842173

Test: Pass all unit tests, verify crasher dumps properly.
Change-Id: Ia18430ab107e9f7bdf0e14a9b74710b1280bd7f4
2017-09-22 16:55:12 -07:00
Isaac Chen
6dc21a5ac5 Enable HAS_VFP_D32 for 32-bit armv8 crasher
Android.bp assumed only an armv7-a-neon core needs to set HAS_VFP_D32.
In fact, an armv8 core also has 32 double-word floating point registers
for A32 and T32 ISAs (AArch32 or 32-bit armv8).

Bug: 65568426
Test: lunch aosp_arm64; emulator # on oc-mr1-dev; boot to home screen.
      Check crashglue.o actually uses VFP_D16-31 for 32-bit armv8 core.
Change-Id: I34584a27fa24a55bb4809ccd7f99a8122971df0e
2017-09-15 15:31:22 +08:00
Elliott Hughes
972d078b3e Stop asking for old versions of C++ in system/core.
Bug: http://b/32019064
Test: builds
Change-Id: I1befc647b581bd293f98010e816b6413caab5e6c
2017-08-02 14:06:28 -07:00
Josh Gao
399b4ee21e crasher: add a case that leaks until OOM-kill.
Bug: http://b/63143027
Test: adb shell crasher leak
Change-Id: I6e4105972ef3d86430d0f332938f5fd33ebae100
2017-07-13 14:00:26 -07:00
Elliott Hughes
12b7129406 Small debuggerd improvements.
Include the ABI in seccomp causes.

Slightly improved command-line usage information.

Fix crasher for seccomp failures.

Bug: N/A
Test: crasher
Change-Id: Ie419ecfe72ee4f5ccf49c927be18350a58a66a90
2017-03-02 19:01:20 -08:00
Elliott Hughes
da9e3958d6 Add crasher check for passing a bad pthread_t to pthread_join.
Bug: http://b/35455349
Test: manual
Change-Id: If09454c7104a1e6de7c0edb50ee52118b7ca5eaa
2017-02-17 10:26:48 -08:00
Josh Gao
91ad653c82 crasher: add a case that uses PR_SET_NO_NEW_PRIVS.
Bug: http://b/34684590
Test: crasher no_new_privs
Change-Id: I400d599116e3f3c27f5ea46d260e288cf900e156
2017-02-14 14:40:47 -08:00
Elliott Hughes
0ba535976f Better seccomp/kuser_helper diagnostics from debuggerd.
Also switch to Android.bp for crasher.

Bug: http://b/34629282 (seccomp)
Bug: http://b/34705831 (seccomp)
Bug: http://b/34884086 (kuser_helpers)
Test: manual
Change-Id: I8ee79c635518faeba751742919af69a505b5e3e1
2017-02-01 18:43:03 -08:00
Josh Gao
cbe70cb0a8 debuggerd: advance our amazing bet.
Remove debuggerd in favor of a helper process that gets execed by
crashing processes.

Bug: http://b/30705528
Test: debuggerd_test
Change-Id: I9906c69473989cbf7fe5ea6cccf9a9c563d75906
2017-01-17 13:57:57 -08:00