| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
These projects have moved to a different location.
platform/system/core [libprocinfo] -> platform/system/libprocinfo
platform/system/core [libbacktrace] -> platform/system/unwinding [libbacktrace]
platform/system/core [libunwindstack] -> platform/system/unwinding [libunwindstack]
BUG: 163786882
Test: Local build + TH
Change-Id: Id6d278d917236df0ffd40b5c32593856e112cb5b
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mark a CIE with a S in its augmentation string as signal frame.
This allows the code to properly handle signal frame data if none
of the signal frame pattern matchers work.
For a signal frame, DwarfSectionImpl<AddressType>::Eval needs to
continue the unwinding even if PC is zero. A zero PC means that the
program has crashed, and we should try to recover the real PC using the
return address on the stack or LR. This behavior is tested by
UnwindOffline.signal_{x86,x86_64}, which modify the libc.so files
so that the signal frame pattern matcher fails and the CIE/FDE
data is used instead.
Test: libunwindstack_test
Change-Id: I4655b070028fd984345311a5e743796f8c30ed36
|
| |
|
|
|
|
|
| |
Bug: 169657723
Test: Ran original test case and verified it does not leak.
Change-Id: I7a315bc3a2c380c207696ce06cc4aeb5b27937ac
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This simplifies some of the logic and removes the need to pass an
Arch value to functions that should already know about the arch
it is operating on.
Includes fixes for debuggerd/libbacktrace.
Added new unit tests to cover new cases.
Test: All unit tests pass.
Test: Faked unwinder failing to verify debuggerd error messages display
Test: properly in backtrace and tombstone.
Change-Id: I439fcae0695befcfb1cb4c0a786cc74949d33425
|
| |
|
|
|
|
|
|
|
|
| |
This is not possible in the real world, so prevent this particular case
to avoid leaking memory and any other issues.
Bug: 165619316
Test: Verified the fuzzer test case that caused a leak no longer leaks.
Change-Id: I352b3bd21a4931432e015af89c256ddbcdaa1070
|
| |
|
|
|
|
|
|
| |
There are a few bugs in this routine, so fix them and add unit tests
to cover the cases.
Test: Unit tests pass.
Change-Id: I9bcb9b9fbe33d56a17a613ae3aa88036bd1d0ef1
|
| |
|
|
|
|
|
|
|
|
|
|
| |
A previous cl missed adding a return in the new path which could result
in a crash if the map info is null. Add the return back.
Added a new test to catch this case.
Bug: 166188440
Test: Unit tests pass. Verified the new test crashes on the old code.
Change-Id: I9420b47dae0f880493c0e6a60d97bb3468ff2906
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, while evaluating a Dwarf section, even pseudoregisters are
saved in regs_info. Since pseudoregisters are stored separately from
ordinary registers, trying to read them the usual way will result in
an out-of-bounds read. There's no memory corruption as regs_info is
big enough to store all existing pseudoregisters.
With this patch, pseudoregisters are simply not saved in regs_info.
Added new unit tests to cover the pseudo register cases.
Test: libunwindstack_test
Change-Id: If21b2a79f2fcca85644eec430f3d22e354b001ec
|
| |
|
|
|
|
|
|
|
| |
This way, the profilers will know they have to reparse maps.
Bug: 163130539
Test: Verified updated unit tests pass.
Change-Id: I88a801ffdda12811eab5e4833dcf472f2d75c09a
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The fuzzer was creating individual maps that overlapped with other maps.
Since this is not possible in the real world unless the kernel is broken,
do not let the fuzzer do this. This resulted in memory leaks, because some
parts of the code have this assumption baked in.
Bug: 160895854
Test: Ran fuzzer test case that leaked memory and verified it no longer does.
Change-Id: I9f3c1e28781093b041b747e1566fb51d40d2bf71
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds support for handling return addresses signed with
pointer authentication. It simply strips the authentication code
without verifying its correctness, and thus works with both A and B
keys and through key-change boundaries.
Additons:
* DW_CFA_AARCH64_negate_ra_state: new CFA operation.
* RA_SIGN_STATE: new pseudo register.
* Pass the arch to DwarfCfa so that the new op is only executed
on aarch64.
The stripping uses the xpaclri instruction. This is a hint space
instruction which is compatible with pre Armv8.3-A devices. For cases
where it cannot be used, a mask can be set instead.
Test: libunwindstack_test
Without this patch all UnwindTest.* testcases should fail if
compiled with Pointer Authentication.
The tests should be executed with both -mbranch-protection=pac-ret and
pac-ret+leaf flags so that either some or all functions have pointer
authentication instructions.
Change-Id: Id7c3f1d0e2fc7fccb19bd1430826264405a9df7c
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Adds a fuzzer for Unwinder. This will likely cover a large portion of the library, as it uses many of the library's features
in the process of setting up the Unwinder. Hopefully this, combined with the calls Unwinder makes internally, will provide
sufficient coverage.
Rough coverage estimate (this is drastically lower than the true number due to shared libraries): 6.6%
Test: Ran on device for a few hours
Signed-off-by: Dylan Katz <dylan.katz@leviathansecurity.com>
Change-Id: I813e204df595ff38dccfb73be7fff5c080aaa043
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Tagged pointer for aarch64 since Android R would lead top byte to have
random values. For example of a symbol from libart.so in a hwasan
enabled device in Android R:
1490: 8800000000b094a0 144 OBJECT GLOBAL 24 __dex_debug_descriptor
We need to mask off the top byte so that the address range comparison
would work as intended.
Test: Ran new unit test
Signed-off-by: Yong Li <yongl0722@gmail.com>
Change-Id: Ia8c638e16baff57740c569e9eaf9cfd1f5bd3fad
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Libunwindstack would remove duplicated items and update the `prev_map`
during reparsing `/proc/self/maps`. But we leave `prev_real_map`
pointing toward a MapInfo that will be deleted soon. It will cause a
dangling pointer issue.
Add new tests to cover this dangling pointer issue.
Bug: 155511785
Test: libunwindstack_test
Change-Id: I62e1b97bcb73f07e9349671f0b758f5ec9de16c0
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bionic".
Relanding unchanged - the build problem was due to a split topic.
Test: m checkbuild
Test: atest libunwindstack_unit_test
Test: lunch fvp-userdebug && mmm system/core/libunwindstack
Bug: 152255951
Change-Id: Ifd1ced65b840ef216630906eec1ec31233e0c5f1
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reason for revert: Breaks rvc-d1-dev-plus-aosp: http://ab/6443190
Reverted Changes:
Ide447b89a:bionic_libc_platform_headers is only available whe...
Ia93cd3ec8:bionic_libc_platform_headers is only available whe...
Icdc495588:Make bionic_platform_headers available only for Bi...
Idfd7c87dc:bionic_libc_platform_headers is only available whe...
Bug: 152255951
Bug: 155269399
Change-Id: I4e6beba5565e604fde3a51cdce5cc4041caffa4e
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Test: m checkbuild
Test: atest libunwindstack_unit_test
Test: lunch fvp-userdebug && mmm system/core/libunwindstack
Bug: 152255951
Change-Id: Idfd7c87dc65db350730fec3ceef8c6bc64acf60b
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
ELF symbols are not sorted by address. Create remap table
which reshuffles the indices into sorted-by-address order.
This saves over 6x of memory (the remap table needs just
uint32_t per entry, as opposed the FuncInfo cache entry).
ART symbols are sorted. Make use of that fact.
Bug: 110133331
Test: libunwindstack_test
Test: art/test.py -b --host -r -t 137-cfi
Change-Id: I1812d2dd3ad6a69ae93ed50ca387749c649289b9
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This function is responsible for majority of CPU time in prefetto.
Reduce the number of memory reads (don't read strings byte-by-byte).
Update all calls of ReadString to include the third parameter to have
a max read.
Add an Elf creation benchmark since this function is on the elf
creation path.
Test: libunwindstack_unit_test
Change-Id: Ia36e1f1a5ba76c9e9f13c43fb9e3691dde7897f2
|
| |/
|
|
|
|
|
|
|
|
| |
This uses an experimental Linux kernel API for reading the tags across
processes using ptrace.
Bug: 135772972
Test: Unit tests pass.
Change-Id: Ib1a09d9219166011de80cf250b756bb8a4bcdb0a
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the Dex file we're trying to examine is already within the unwinder's
address space, we don't need to load it from disk or copy it across
processes.
This avoids using up virtual address space to map in dex files, and
also should be a bit faster to read since it won't go out to the file.
Patch by Chris Sarbora
Test: Ran new unit tests.
Test: Ran 137-cfi art test.
Change-Id: I949457856f051cca11b9020e9da3a41bbf6e5c8e
|
| |
|
|
|
|
|
|
|
| |
This was sometimes causing build ids to be truncated, probably because
of memory corruption in std::string. A similar off-by-one was fixed in
ReadBuildID in aosp/939619.
Bug: 129873279
Change-Id: I401fe7f991dbd135f5b4836381b48ea3c6a2243f
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The DexFile handle is allocated from heap in OpenFromFd/OpenFromMemory.
After releasing the unique_ptr, the DexFile handle itself is no longer
managed by the smart pointer. However, the DexFile handle is not freed
in the constructor of DexFileFromFile/DexFileFromMemory.
This change uses get() method to get the DexFile pointer while allowing
it to be managed by smart pointer so that it can be freed after method
end.
Added new unit tests to detect leaks.
Bug: 151966190
Test: Unwinding can still retrieve dex frame information during crash.
Test: Ran new unit tests before change and verified they fail, ran them
Test: after the change and verified they don't fail.
Signed-off-by: Yong Li <yongl0722@gmail.com>
Change-Id: I0627e1e255eb6644aba51e940c1a79ff78d568d7
|
| |/
|
|
|
|
|
|
|
| |
We're now using it in contexts that don't have all of the registers available,
such as GWP-ASan and soon MTE, so it doesn't make sense to have it be a
member function of Regs.
Bug: 135772972
Change-Id: I18b104ea0adb78588d7e475d0624cefc701ba52c
|
| |
|
|
|
|
|
|
|
|
| |
Simplify and fix the algorithm.
For consecutive functions (eg [10,20] [20,30]) without
padding in between, the old algorithm would drop FDEs.
Test: libunwindstack_test
Change-Id: Ie886922bec262fb64d4b2ecf01c2961d0652dcdb
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The memcpy should be for 31 GPRs, [x0, x30]. Currently it (accidentally)
also copies over the SP register (which ends up being harmless, as the
layouts match, and the value is reassigned again anyway).
Separately, I'm including an optional change for the iteration order,
since LR is the x30 GPR, it makes slightly more sense to print it
immediately after x29. However, this is a change in behaviour, so I can
undo the change if you think it's not worth it.
Tested: atest libunwindstack_unit_test
Change-Id: Ib6b81f8ee3a9a526bfabe4b09b327f083c855fb8
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recently, the maps for an elf in memory might show up looking like:
f0000-f1000 0 r-- /system/lib/libc.so
f1000-f2000 0 ---
f2000-f3000 1000 r-x /system/lib/libc.so
f3000-f4000 2000 rw- /system/lib/libc.so
The problem is that there is logic in the code that assumed that the
map before the execute map must be the read-only map. In the case
above, this is not true. Add a new prev_real_map that will point
to the previous map that is not one of these empty maps.
This will fix the backtraces that look like this:
#00 pc 0000000000050d58 /apex/com.android.runtime/lib64/bionic/libc.so!libc.so (offset 0x50000) (syscall+24) (BuildId: 5252408bf30e395d49ee270b54c77ca4)
To get rid of the !libc.so and the offset value, which is not correct.
Added new unit tests to verify this.
Added new offline test which an empty map between read-only and execute
map. Before this change, the backtraces had lines like
libc.so!libc.so (offset XXX) would be present.
Bug: 148075852
Test: Ran unit tests.
Change-Id: Ie04bfc96b8f91ed885cb1e655cf1e346efe48a45
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recently, the maps for an elf in memory might show up looking like:
f0000-f1000 0 r-- /system/lib/libc.so
f1000-f2000 0 ---
f2000-f3000 1000 r-x /system/lib/libc.so
f3000-f4000 2000 rw- /system/lib/libc.so
That empty map was confusing the logic when looking for a global
variable. Now this case is handled properly.
New unit test added for this case.
Bug: 147910661
Test: Ran unit tests.
Test: Ran original failing test 137-cfi.
Change-Id: Ida2e96d1da5e1bf61f41646949fe5a2d405c0d61
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than use a std::vector for backing memory, allocate the memory
using a new with nothrow, and in MemoryBuffer use realloc. Since
the size field is coming from the elf, it could be corrupted or
intentionally crafted to cause problems.
In addition, add some other protections to make sure that overflows
don't occur.
Bug: 146215949
Test: Ran unit tests with jemalloc and scudo to verify that they
Test: both behave the same way.
Change-Id: If14243ce382ba5403a6bacd0ec673452c6b7c3be
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
(for the new googletest
Test: run tests
Change-Id: I3856a4a8f3ed23bcfcc59bec7624595e91740be0
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The function StepIfSignalHandler assumed that the rel_pc passed
to it was actually an elf offset. A new version of clang created a libc.so
that has a load bias, so tests unwinding through a signal handler
would fail on arm. On other ABIs, there is unwind information that could
be used instead, so the unwind still worked.
The fix is to subtract the load bias from the rel_pc to get an elf
offset to pass to the Register StepIfSignalHandler functions. Change all
of the Register funtions to make it clear what the first parameter means.
Add a unit test for this new code. Also, add an offline test for
this case.
Bug: 145683525
Test: Ran unit tests using the new clang and the old clang.
Change-Id: I3e249653b79bcad6d3a56411a7911fde4888e9d6
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The code was not properly getting the variable addresses and using
the offset and address fields of the .data section.
Fix all of that, and update the tests.
Bug: 145162678
Test: Unit tests pass.
Test: ./art/test/run-test --dex2oat-jobs 4 --host --prebuild --compact-dex-level fast --jit --no-relocate --runtime-option -Xcheck:jni 137-cfi
Test: ./art/test/testrunner/testrunner.py -t 137 --host
Change-Id: Ic61c4487334fd2273cda9c56eb1a3b525a03edb7
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
A thread's PSTATE can sometimes be critical for understanding a crash,
especially with MTE and other new features that store per-thread state
in PSTATE.
Bug: 135772972
Change-Id: I1bee25bffe7eea395f04b6449dc9227298cf866e
|
| | |
| |
| |
| |
| |
| |
| | |
The new googletest requires prefix to be non-empty.
Exempt-From-Owner-Approval: fix test
Change-Id: Ic039cb657b455919e429a3ec2107893b1734e8a1
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Due to a bug, an elf can have FDEs with a length of zero, while still
having another FDE for the same pc with a non-zero length. The
eh_frame_hdr can sometimes point to the zero length FDE, but it should
have pointed to the non-zero length FDE. In order to fix this, if the
eh_frame_hdr points at the zero length FDE then try and find the real FDE
directly from eh_frame.
The change cleans up and removes unused variables from DwarfEhFrameWithHdr
and changes the objects so that all of the DwarfSection objects and
DwarfEhFrameWithHdr object inherit from the same class.
Add new unit tests to verify this functionality.
Bug: 142483624
Test: Unit tests all pass.
Change-Id: I128a916e3ba378931de7d44ee15e57e24d4073df
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The bias for the PT_GNU_EH_FRAME was using the paddr instead of vaddr.
This doesn't match the way the load bias is calculated, which always
use vaddr - offset, so change to use vaddr.
Found on an old x86 device that has a vdso that sets vaddr differently
from paddr.
Add a new offline test to catch this case and update the elf interface
unit tests.
Also, fix a small bug in the unwind_for_offline tool.
Bug: 142365899
Test: Unit tests pass.
Change-Id: I5f0bf062dd8ee45aa8553189ba493ec962e0b059
|
| | |
| |
| |
| |
| | |
Test: Builds and unit tests pass.
Change-Id: I64e0034359c213f37c098d1c97be260bd955ca0f
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The original code assumed that the load bias in the program headers
would be exactly the same as in eh_frame/eh_frame_hdr/debug_frame.
This isn't guaranteed, so add a section bias for use when creating
a DwarfSection. In addtion, make the load bias and section bias
a signed value. There is no reason that this value needs to be positive,
so don't force it to be.
Add a new offline test that has a different load bias in eh_frame than
in the executable load.
Add additional unit tests to verify the load bias values are set properly.
Clean up the tests in ElfInterfaceTest, making all tests names follow the
same convention.
Bug: 141888859
Bug: 142094469
Test: New units and old unit tests pass on host and taimen.
Change-Id: Ib878123ab5545f0f315c749cfe0d27b012d873ee
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The load bias value set in ReadProgramHeaders is out of sync with the
algorithm used in the static GetLoadBias function.
Sync the two and add tests to verify that they stay in sync.
Test: Unit tests pass.
Change-Id: I20ac0104970a22a92a5314a41dcadad0c9c22e64
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Avoid accessing nullptr of already deleted entry.
Add new unit tests that pass with the fix and fail without.
Test: fixes unwinding in ART gcstress tests
Test: All unit tests pass.
Change-Id: Ideb00e2adc899904dd6aeb5dad3fb6fad150322d
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Created a special target, libunwindstack_unit_test, that doesn't
include the test that dlopen's a shared library. It appears atest
doesn't understand how to handle the require keyword.
Also, move the shared library into the libunwindstack_test directory
itself.
Test: Ran atest libunwindstack_unit_test.
Change-Id: I967919b1d74a08669b61d0363d80861685725609
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a specific test that __libc_init is the last frame in a stack
when run on device. In addition, it verifies that the return address
register is marked as undefined given the unwind.
Bug: 140008396
Test: New unit test passes on arm/arm64 (taimen device).
Test: New unit test passes on x86 (cuttlefish).
Test: New unit test passes on x86_64 (modified bionic/tests/run-on-host.sh)
Change-Id: Iefc151a7dbf52ab083c2bb78bad3d38b4e9e1254
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Modify the MapInfoCreateMemoryTest to work in the isolated mode.
Test: Ran unit tests on host/target.
Change-Id: I84e01d96e852acd813e0f203b4a207cfaf8ca556
|
