Home | History | Annotate | Download | only in linker 
      1 /*
      2  * Copyright (C) 2008 The Android Open Source Project
      3  * All rights reserved.
      4  *
      5  * Redistribution and use in source and binary forms, with or without
      6  * modification, are permitted provided that the following conditions
      7  * are met:
      8  *  * Redistributions of source code must retain the above copyright
      9  *    notice, this list of conditions and the following disclaimer.
     10  *  * Redistributions in binary form must reproduce the above copyright
     11  *    notice, this list of conditions and the following disclaimer in
     12  *    the documentation and/or other materials provided with the
     13  *    distribution.
     14  *
     15  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     16  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     17  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
     18  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
     19  * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
     20  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
     21  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
     22  * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
     23  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
     24  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
     25  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     26  * SUCH DAMAGE.
     27  */
     28 
     29 #include "linker.h"
     30 
     31 #include <errno.h>
     32 #include <inttypes.h>
     33 #include <pthread.h>
     34 #include <signal.h>
     35 #include <stdio.h>
     36 #include <stdlib.h>
     37 #include <string.h>
     38 #include <sys/mman.h>
     39 #include <sys/prctl.h>
     40 #include <sys/socket.h>
     41 #include <sys/un.h>
     42 #include <unistd.h>
     43 
     44 extern "C" int tgkill(int tgid, int tid, int sig);
     45 
     46 // Crash actions have to be sent to the proper debuggerd.
     47 // On 64 bit systems, the 32 bit debuggerd is named differently.
     48 #if defined(TARGET_IS_64_BIT) && !defined(__LP64__)
     49 #define DEBUGGER_SOCKET_NAME "android:debuggerd32"
     50 #else
     51 #define DEBUGGER_SOCKET_NAME "android:debuggerd"
     52 #endif
     53 
     54 enum debugger_action_t {
     55   // dump a crash
     56   DEBUGGER_ACTION_CRASH,
     57   // dump a tombstone file
     58   DEBUGGER_ACTION_DUMP_TOMBSTONE,
     59   // dump a backtrace only back to the socket
     60   DEBUGGER_ACTION_DUMP_BACKTRACE,
     61 };
     62 
     63 /* message sent over the socket */
     64 struct __attribute__((packed)) debugger_msg_t {
     65   int32_t action;
     66   pid_t tid;
     67   uint64_t abort_msg_address;
     68   int32_t original_si_code;
     69 };
     70 
     71 // see man(2) prctl, specifically the section about PR_GET_NAME
     72 #define MAX_TASK_NAME_LEN (16)
     73 
     74 static int socket_abstract_client(const char* name, int type) {
     75   sockaddr_un addr;
     76 
     77   // Test with length +1 for the *initial* '\0'.
     78   size_t namelen = strlen(name);
     79   if ((namelen + 1) > sizeof(addr.sun_path)) {
     80     errno = EINVAL;
     81     return -1;
     82   }
     83 
     84   // This is used for abstract socket namespace, we need
     85   // an initial '\0' at the start of the Unix socket path.
     86   //
     87   // Note: The path in this case is *not* supposed to be
     88   // '\0'-terminated. ("man 7 unix" for the gory details.)
     89   memset(&addr, 0, sizeof(addr));
     90   addr.sun_family = AF_LOCAL;
     91   addr.sun_path[0] = 0;
     92   memcpy(addr.sun_path + 1, name, namelen);
     93 
     94   socklen_t alen = namelen + offsetof(sockaddr_un, sun_path) + 1;
     95 
     96   int s = socket(AF_LOCAL, type, 0);
     97   if (s == -1) {
     98     return -1;
     99   }
    100 
    101   int rc = TEMP_FAILURE_RETRY(connect(s, reinterpret_cast<sockaddr*>(&addr), alen));
    102   if (rc == -1) {
    103     close(s);
    104     return -1;
    105   }
    106 
    107   return s;
    108 }
    109 
    110 /*
    111  * Writes a summary of the signal to the log file.  We do this so that, if
    112  * for some reason we're not able to contact debuggerd, there is still some
    113  * indication of the failure in the log.
    114  *
    115  * We could be here as a result of native heap corruption, or while a
    116  * mutex is being held, so we don't want to use any libc functions that
    117  * could allocate memory or hold a lock.
    118  */
    119 static void log_signal_summary(int signum, const siginfo_t* info) {
    120   const char* signal_name = "???";
    121   bool has_address = false;
    122   switch (signum) {
    123     case SIGABRT:
    124       signal_name = "SIGABRT";
    125       break;
    126     case SIGBUS:
    127       signal_name = "SIGBUS";
    128       has_address = true;
    129       break;
    130     case SIGFPE:
    131       signal_name = "SIGFPE";
    132       has_address = true;
    133       break;
    134     case SIGILL:
    135       signal_name = "SIGILL";
    136       has_address = true;
    137       break;
    138     case SIGPIPE:
    139       signal_name = "SIGPIPE";
    140       break;
    141     case SIGSEGV:
    142       signal_name = "SIGSEGV";
    143       has_address = true;
    144       break;
    145 #if defined(SIGSTKFLT)
    146     case SIGSTKFLT:
    147       signal_name = "SIGSTKFLT";
    148       break;
    149 #endif
    150     case SIGTRAP:
    151       signal_name = "SIGTRAP";
    152       break;
    153   }
    154 
    155   char thread_name[MAX_TASK_NAME_LEN + 1]; // one more for termination
    156   if (prctl(PR_GET_NAME, reinterpret_cast<unsigned long>(thread_name), 0, 0, 0) != 0) {
    157     strcpy(thread_name, "<name unknown>");
    158   } else {
    159     // short names are null terminated by prctl, but the man page
    160     // implies that 16 byte names are not.
    161     thread_name[MAX_TASK_NAME_LEN] = 0;
    162   }
    163 
    164   // "info" will be null if the siginfo_t information was not available.
    165   // Many signals don't have an address or a code.
    166   char code_desc[32]; // ", code -6"
    167   char addr_desc[32]; // ", fault addr 0x1234"
    168   addr_desc[0] = code_desc[0] = 0;
    169   if (info != nullptr) {
    170     // For a rethrown signal, this si_code will be right and the one debuggerd shows will
    171     // always be SI_TKILL.
    172     __libc_format_buffer(code_desc, sizeof(code_desc), ", code %d", info->si_code);
    173     if (has_address) {
    174       __libc_format_buffer(addr_desc, sizeof(addr_desc), ", fault addr %p", info->si_addr);
    175     }
    176   }
    177   __libc_format_log(ANDROID_LOG_FATAL, "libc",
    178                     "Fatal signal %d (%s)%s%s in tid %d (%s)",
    179                     signum, signal_name, code_desc, addr_desc, gettid(), thread_name);
    180 }
    181 
    182 /*
    183  * Returns true if the handler for signal "signum" has SA_SIGINFO set.
    184  */
    185 static bool have_siginfo(int signum) {
    186   struct sigaction old_action, new_action;
    187 
    188   memset(&new_action, 0, sizeof(new_action));
    189   new_action.sa_handler = SIG_DFL;
    190   new_action.sa_flags = SA_RESTART;
    191   sigemptyset(&new_action.sa_mask);
    192 
    193   if (sigaction(signum, &new_action, &old_action) < 0) {
    194     __libc_format_log(ANDROID_LOG_WARN, "libc", "Failed testing for SA_SIGINFO: %s",
    195                       strerror(errno));
    196     return false;
    197   }
    198   bool result = (old_action.sa_flags & SA_SIGINFO) != 0;
    199 
    200   if (sigaction(signum, &old_action, nullptr) == -1) {
    201     __libc_format_log(ANDROID_LOG_WARN, "libc", "Restore failed in test for SA_SIGINFO: %s",
    202                       strerror(errno));
    203   }
    204   return result;
    205 }
    206 
    207 static void send_debuggerd_packet(siginfo_t* info) {
    208   // Mutex to prevent multiple crashing threads from trying to talk
    209   // to debuggerd at the same time.
    210   static pthread_mutex_t crash_mutex = PTHREAD_MUTEX_INITIALIZER;
    211   int ret = pthread_mutex_trylock(&crash_mutex);
    212   if (ret != 0) {
    213     if (ret == EBUSY) {
    214       __libc_format_log(ANDROID_LOG_INFO, "libc",
    215           "Another thread contacted debuggerd first; not contacting debuggerd.");
    216       // This will never complete since the lock is never released.
    217       pthread_mutex_lock(&crash_mutex);
    218     } else {
    219       __libc_format_log(ANDROID_LOG_INFO, "libc",
    220                         "pthread_mutex_trylock failed: %s", strerror(ret));
    221     }
    222     return;
    223   }
    224 
    225   int s = socket_abstract_client(DEBUGGER_SOCKET_NAME, SOCK_STREAM | SOCK_CLOEXEC);
    226   if (s == -1) {
    227     __libc_format_log(ANDROID_LOG_FATAL, "libc", "Unable to open connection to debuggerd: %s",
    228                       strerror(errno));
    229     return;
    230   }
    231 
    232   // debuggerd knows our pid from the credentials on the
    233   // local socket but we need to tell it the tid of the crashing thread.
    234   // debuggerd will be paranoid and verify that we sent a tid
    235   // that's actually in our process.
    236   debugger_msg_t msg;
    237   msg.action = DEBUGGER_ACTION_CRASH;
    238   msg.tid = gettid();
    239   msg.abort_msg_address = reinterpret_cast<uintptr_t>(g_abort_message);
    240   msg.original_si_code = (info != nullptr) ? info->si_code : 0;
    241   ret = TEMP_FAILURE_RETRY(write(s, &msg, sizeof(msg)));
    242   if (ret == sizeof(msg)) {
    243     char debuggerd_ack;
    244     ret = TEMP_FAILURE_RETRY(read(s, &debuggerd_ack, 1));
    245     int saved_errno = errno;
    246     notify_gdb_of_libraries();
    247     errno = saved_errno;
    248   } else {
    249     // read or write failed -- broken connection?
    250     __libc_format_log(ANDROID_LOG_FATAL, "libc", "Failed while talking to debuggerd: %s",
    251                       strerror(errno));
    252   }
    253 
    254   close(s);
    255 }
    256 
    257 /*
    258  * Catches fatal signals so we can ask debuggerd to ptrace us before
    259  * we crash.
    260  */
    261 static void debuggerd_signal_handler(int signal_number, siginfo_t* info, void*) {
    262   // It's possible somebody cleared the SA_SIGINFO flag, which would mean
    263   // our "info" arg holds an undefined value.
    264   if (!have_siginfo(signal_number)) {
    265     info = nullptr;
    266   }
    267 
    268   log_signal_summary(signal_number, info);
    269 
    270   send_debuggerd_packet(info);
    271 
    272   // Remove our net so we fault for real when we return.
    273   signal(signal_number, SIG_DFL);
    274 
    275   // These signals are not re-thrown when we resume.  This means that
    276   // crashing due to (say) SIGPIPE doesn't work the way you'd expect it
    277   // to.  We work around this by throwing them manually.  We don't want
    278   // to do this for *all* signals because it'll screw up the si_addr for
    279   // faults like SIGSEGV. It does screw up the si_code, which is why we
    280   // passed that to debuggerd above.
    281   switch (signal_number) {
    282     case SIGABRT:
    283     case SIGFPE:
    284     case SIGPIPE:
    285 #if defined(SIGSTKFLT)
    286     case SIGSTKFLT:
    287 #endif
    288     case SIGTRAP:
    289       tgkill(getpid(), gettid(), signal_number);
    290       break;
    291     default:    // SIGILL, SIGBUS, SIGSEGV
    292       break;
    293   }
    294 }
    295 
    296 __LIBC_HIDDEN__ void debuggerd_init() {
    297   struct sigaction action;
    298   memset(&action, 0, sizeof(action));
    299   sigemptyset(&action.sa_mask);
    300   action.sa_sigaction = debuggerd_signal_handler;
    301   action.sa_flags = SA_RESTART | SA_SIGINFO;
    302 
    303   // Use the alternate signal stack if available so we can catch stack overflows.
    304   action.sa_flags |= SA_ONSTACK;
    305 
    306   sigaction(SIGABRT, &action, nullptr);
    307   sigaction(SIGBUS, &action, nullptr);
    308   sigaction(SIGFPE, &action, nullptr);
    309   sigaction(SIGILL, &action, nullptr);
    310   sigaction(SIGPIPE, &action, nullptr);
    311   sigaction(SIGSEGV, &action, nullptr);
    312 #if defined(SIGSTKFLT)
    313   sigaction(SIGSTKFLT, &action, nullptr);
    314 #endif
    315   sigaction(SIGTRAP, &action, nullptr);
    316 }
    317