Under some conditions, /proc/<pid>/maps might return nothing. If we
try and unwind in this case, we'll crash. Check this case and fail
the unwind.
Add checks that no other functions try and use map_ without
checking for nullptr.
Add logging when an unwind fails so it's clear what happened.
Bug: 21162746
Change-Id: I56ce51dda0cfc9db20475a441f118108196aa07c
The new linker relocation packing support uses non-zero load bases,
so we better handle them properly.
Also print out the load base for a map if it's non-zero.
Bug: 20687795
(cherry picked from commit 329ed7dae4)
Change-Id: Ibc37d8c8bb032820dca4e7531184349ba6d402d2
ELF said that padding is present, if necessary, to ensure 4-byte
alignment for the descriptor and next note entry, but such padding
is not included in namesz and descsz.
Change-Id: I7896783f3d9a787772d56c49905f52a493c9fba1
For every map that has a name, and if it's a mapped in shared library,
print the build id.
Refactor the way dump_all_maps logs data.
Refactor the way stack segments are dumped.
Bug: 19371018
Change-Id: Ic08d05a4b13f128925743936fb84d8059f7cb56f
Move away from using POSIX open(2) flags and introduce ANDROID_LOG_* flags to
replace them. Add security by preventing random mode flags from getting into
underlying POSIX calls. ANDROID_LOG_* flags overlap POSIX O_* flag definitions.
Change-Id: Ib32bb64c287e8bf150be62242e1ba46bb37839fc
Modifies the code so that if the unwind fails, the code still prints
as much data as possible.
Also, for sibling threads, skip printing the maps and memory/code
since it's not likely to be very relevant.
Fix a few cases where extra space is at the end of lines.
Fix an inverted if statement that was checking the wrong condition.
Bug: 18816322
Change-Id: Ic659e0c34489bf2c65c5a23e2b83e31653b927e4
The backtrace structure used to include a pointer to a backtrace_map_t
that represented the map data for a particular pc. This introduced a
race condition where the pointer could be discarded, but the backtrace
structure still contained a pointer to garbage memory. Now all of the map
information is right in the structure.
Bug: 19028453
Change-Id: If7088a73f3c6bf1f3bc8cdd2bb4b62e7cab831c0
The kernel finally has the pt_regs structure properly defined for mips,
so we don't need to define it ourselves.
Change-Id: Ifdf75ed827cd2390962e9b3a182bdbbf02fe0732
On 64 bit systems, calls to dump_backtrace_to_file or dump_tombstone
try and directly contact the correct debuggerd (32 bit vs 64 bit)
by reading the elf information for the executable.
Unfortunately, system_server makes a call to dump_backtrace_to_file
and it doesn't have permissions to read the executable data, so it
defaults to always contacting the 64 bit debuggerd.
This CL changes the code so that all dump requests go to the 64 bit
debuggerd, which reads the elf information and redirects requests for
32 bit processes to the 32 bit debuggerd.
Testing:
- Forced the watchdog code in system_server to dump stacks and
verified that all native stacks are dumped correctly.
- Verified that dumpstate and bugreport still properly dump the native
processes on a 64 bit and 32 bit system.
- Intentionally forced the 64 bit to 32 bit redirect to write only a
byte at a time and verified there are no errors, and no dropped data.
- Used debuggerd and debuggerd64 to dump 32 bit and 64 bit processes
seemlessly.
- Used debuggerd on a 32 bit system to dump native stacks.
Bug: https://code.google.com/p/android/issues/detail?id=97024
Change-Id: Ie01945153bdc1c4ded696c7334b61d58575314d1
- Fix a problem where a tid exits before the attach completes, and it
causes debuggerd to self terminate.
- Fix a problem where sibling tid dumps do not properly wait for the tid
to get signalled.
Bug: 17800180
Bug: 12567315
(cherry picked from commit 84ddb34a3a)
Change-Id: I45e33865614d4c96f4a89cf117398666b556d500
debuggerd allows uid-0 processes to dump tombstones or backtraces
of any process, and uid-system processes to dump backtraces of any
processes. Restrict these operations via SELinux based on the
client context, the target process context, and the action.
Depends on I8e120d319512ff207ed22ed87cde4e0432a13dda for the
corresponding policy definitions.
Change-Id: Ib317564e54e07cc21f259e75124b762ad17c6e16
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Also fix dumping of arm64's vector registers, which are actually 128 bits wide.
Also move the arm/arm64 FP registers to the tombstone. (We've never dumped
them at all for the other architectures.)
(cherry picked from commit b40c50351e)
Change-Id: Ic646fb9ea01e9beb42e1757feb8742c1d4efafa7
Also fix dumping of arm64's vector registers, which are actually 128 bits wide.
Also move the arm/arm64 FP registers to the tombstone. (We've never dumped
them at all for the other architectures.)
Change-Id: I239a86dd225b47fa90109bc824b7610df67ad812
There's no good reason to separate "fill the integer registers with
recognizable patterns and crash" from "fill the FP registers with recognizable
patterns and crash".
Also remove the incorrect use of ARCH_ARM_HAVE_VFP_D32 rather than try to fix
it.
Change-Id: I3a4a3aca1575de5489314027ae52168997404d79
Maps output now displays fault address location more intelligently. If
the fault is not in a mapped region, it now shows where that address is
with respect to the other maps.
In addition, the size of the map is now printed as part of the output.
Also, crasher now supports an "mmap" option which mmaps/munmaps a region
of memory and then attempts to access it, causing a fault address in
between mapped regions that can be used to test that new part of the
maps output.
Change-Id: Ia5e1926802bdfcbbdb7857e3631ddf395ae0c5b8
Now the debugging output shows the tid of the crashed thread instead of
the pid of the process that crashed.
Change-Id: I637f409ff02d73d458edc6d1a5c462c21d128211
The debug output was still showing the pathname that worked with
gdbclient before my changes, and therefore did not work after the fact.
Change-Id: Ie12d79f5346088914ce0a70bda69780707b31d31
