| Age | Commit message (Collapse) | Author |
|---|
|
BUG: 170465278
Test: TH
Change-Id: Ib906c46141886e691f4fc908d7b2f5dbe5eeda08
|
|
These projects have moved to a different location.
platform/system/core [libprocinfo] -> platform/system/libprocinfo
platform/system/core [libbacktrace] -> platform/system/unwinding [libbacktrace]
platform/system/core [libunwindstack] -> platform/system/unwinding [libunwindstack]
BUG: 163786882
Test: Local build + TH
Change-Id: Id6d278d917236df0ffd40b5c32593856e112cb5b
|
|
BUG: 163786882
Test: TH
Change-Id: I9ee33e64c07384cc8a238a19cf9445085cf7b94f
|
|
Mark a CIE with a S in its augmentation string as signal frame.
This allows the code to properly handle signal frame data if none
of the signal frame pattern matchers work.
For a signal frame, DwarfSectionImpl<AddressType>::Eval needs to
continue the unwinding even if PC is zero. A zero PC means that the
program has crashed, and we should try to recover the real PC using the
return address on the stack or LR. This behavior is tested by
UnwindOffline.signal_{x86,x86_64}, which modify the libc.so files
so that the signal frame pattern matcher fails and the CIE/FDE
data is used instead.
Test: libunwindstack_test
Change-Id: I4655b070028fd984345311a5e743796f8c30ed36
|
|
Bug: 169657723
Test: Ran original test case and verified it does not leak.
Change-Id: I7a315bc3a2c380c207696ce06cc4aeb5b27937ac
|
|
This simplifies some of the logic and removes the need to pass an
Arch value to functions that should already know about the arch
it is operating on.
Includes fixes for debuggerd/libbacktrace.
Added new unit tests to cover new cases.
Test: All unit tests pass.
Test: Faked unwinder failing to verify debuggerd error messages display
Test: properly in backtrace and tombstone.
Change-Id: I439fcae0695befcfb1cb4c0a786cc74949d33425
|
|
The check for a signal handler was checking for the instruction after
the syscall. On cuttlefish 64 bit, the instruction was not a nop, so
the check failed, and the signal handler was not working. Only check
the instructions up to the syscall instead.
Bug: 168806886
Test: Ran on x86_64.
Change-Id: I605ed22248748f525939e55d734caa5b08c80bb2
|
|
This is not possible in the real world, so prevent this particular case
to avoid leaking memory and any other issues.
Bug: 165619316
Test: Verified the fuzzer test case that caused a leak no longer leaks.
Change-Id: I352b3bd21a4931432e015af89c256ddbcdaa1070
|
|
Bug: http://b/165206592
Test: unit tests and treehugger
Change-Id: Ic357ee6160281c5986570de5536b3247b231bc6f
|
|
There are a few bugs in this routine, so fix them and add unit tests
to cover the cases.
Test: Unit tests pass.
Change-Id: I9bcb9b9fbe33d56a17a613ae3aa88036bd1d0ef1
|
|
A previous cl missed adding a return in the new path which could result
in a crash if the map info is null. Add the return back.
Added a new test to catch this case.
Bug: 166188440
Test: Unit tests pass. Verified the new test crashes on the old code.
Change-Id: I9420b47dae0f880493c0e6a60d97bb3468ff2906
|
|
Currently, while evaluating a Dwarf section, even pseudoregisters are
saved in regs_info. Since pseudoregisters are stored separately from
ordinary registers, trying to read them the usual way will result in
an out-of-bounds read. There's no memory corruption as regs_info is
big enough to store all existing pseudoregisters.
With this patch, pseudoregisters are simply not saved in regs_info.
Added new unit tests to cover the pseudo register cases.
Test: libunwindstack_test
Change-Id: If21b2a79f2fcca85644eec430f3d22e354b001ec
|
|
This way, the profilers will know they have to reparse maps.
Bug: 163130539
Test: Verified updated unit tests pass.
Change-Id: I88a801ffdda12811eab5e4833dcf472f2d75c09a
|
|
The fuzzer was creating individual maps that overlapped with other maps.
Since this is not possible in the real world unless the kernel is broken,
do not let the fuzzer do this. This resulted in memory leaks, because some
parts of the code have this assumption baked in.
Bug: 160895854
Test: Ran fuzzer test case that leaked memory and verified it no longer does.
Change-Id: I9f3c1e28781093b041b747e1566fb51d40d2bf71
|
|
This patch adds support for handling return addresses signed with
pointer authentication. It simply strips the authentication code
without verifying its correctness, and thus works with both A and B
keys and through key-change boundaries.
Additons:
* DW_CFA_AARCH64_negate_ra_state: new CFA operation.
* RA_SIGN_STATE: new pseudo register.
* Pass the arch to DwarfCfa so that the new op is only executed
on aarch64.
The stripping uses the xpaclri instruction. This is a hint space
instruction which is compatible with pre Armv8.3-A devices. For cases
where it cannot be used, a mask can be set instead.
Test: libunwindstack_test
Without this patch all UnwindTest.* testcases should fail if
compiled with Pointer Authentication.
The tests should be executed with both -mbranch-protection=pac-ret and
pac-ret+leaf flags so that either some or all functions have pointer
authentication instructions.
Change-Id: Id7c3f1d0e2fc7fccb19bd1430826264405a9df7c
|
|
Adds a fuzzer for Unwinder. This will likely cover a large portion of the library, as it uses many of the library's features
in the process of setting up the Unwinder. Hopefully this, combined with the calls Unwinder makes internally, will provide
sufficient coverage.
Rough coverage estimate (this is drastically lower than the true number due to shared libraries): 6.6%
Test: Ran on device for a few hours
Signed-off-by: Dylan Katz <dylan.katz@leviathansecurity.com>
Change-Id: I813e204df595ff38dccfb73be7fff5c080aaa043
|
|
Bug: http://b/153609531
Test: m -j64 libbacktrace.native_bridge
Change-Id: I2b8a881b4e952f3b68dbcaeb14f147a6d955b406
|
|
Test: Ran benchmarks on host and device.
Change-Id: I41b7d29bfa3468b9b9b8cbdfe94aca830d14f98e
|
|
The marked library(ies) were available to the APEXes via the
hand-written whitelist in build/soong/apex/apex.go. Trying to remove the
whitelist by adding apex_available property to the Android.bp of the
libraries.
Exempt-From-Owner-Approval: cherry-pick from internal
Bug: 150999716
Test: m
Merged-In: I54db09314c7236a227f04281a439c1d5dc56ef2c
Change-Id: I54db09314c7236a227f04281a439c1d5dc56ef2c
(cherry picked from commit a2606921b2003991e8f58444c869a26e2426d92c)
|
|
|
|
|
|
In addition, move a couple of elf benchmarks out of unwind_benchmarks.cpp
to the ElfBenchmarks.cpp file.
Test: Ran benchmarks.
Change-Id: I169f89f7b2dd6735568143f2176301e181fb8262
|
|
Libunwindstack would remove duplicated items and update the `prev_map`
during reparsing `/proc/self/maps`. But we leave `prev_real_map`
pointing toward a MapInfo that will be deleted soon. It will cause a
dangling pointer issue.
Add new tests to cover this dangling pointer issue.
Bug: 155511785
Test: libunwindstack_test
Change-Id: I62e1b97bcb73f07e9349671f0b758f5ec9de16c0
|
|
with Bionic"."
|
|
Bionic".
Relanding unchanged - the build problem was due to a split topic.
Test: m checkbuild
Test: atest libunwindstack_unit_test
Test: lunch fvp-userdebug && mmm system/core/libunwindstack
Bug: 152255951
Change-Id: Ifd1ced65b840ef216630906eec1ec31233e0c5f1
|
|
Bug: 135772972
Change-Id: I506429d7bff79f83828e1f0d5c0ea0468ee1580b
|
|
Reason for revert: Breaks rvc-d1-dev-plus-aosp: http://ab/6443190
Reverted Changes:
Ide447b89a:bionic_libc_platform_headers is only available whe...
Ia93cd3ec8:bionic_libc_platform_headers is only available whe...
Icdc495588:Make bionic_platform_headers available only for Bi...
Idfd7c87dc:bionic_libc_platform_headers is only available whe...
Bug: 152255951
Bug: 155269399
Change-Id: I4e6beba5565e604fde3a51cdce5cc4041caffa4e
|
|
Tagged pointer for aarch64 since Android R would lead top byte to have
random values. For example of a symbol from libart.so in a hwasan
enabled device in Android R:
1490: 8800000000b094a0 144 OBJECT GLOBAL 24 __dex_debug_descriptor
We need to mask off the top byte so that the address range comparison
would work as intended.
Test: Ran new unit test
Signed-off-by: Yong Li <yongl0722@gmail.com>
Change-Id: Ia8c638e16baff57740c569e9eaf9cfd1f5bd3fad
|
|
Test: m checkbuild
Test: atest libunwindstack_unit_test
Test: lunch fvp-userdebug && mmm system/core/libunwindstack
Bug: 152255951
Change-Id: Idfd7c87dc65db350730fec3ceef8c6bc64acf60b
|
|
|
|
|
|
This function is responsible for majority of CPU time in prefetto.
Reduce the number of memory reads (don't read strings byte-by-byte).
Update all calls of ReadString to include the third parameter to have
a max read.
Add an Elf creation benchmark since this function is on the elf
creation path.
Test: libunwindstack_unit_test
Change-Id: Ia36e1f1a5ba76c9e9f13c43fb9e3691dde7897f2
|
|
ELF symbols are not sorted by address. Create remap table
which reshuffles the indices into sorted-by-address order.
This saves over 6x of memory (the remap table needs just
uint32_t per entry, as opposed the FuncInfo cache entry).
ART symbols are sorted. Make use of that fact.
Bug: 110133331
Test: libunwindstack_test
Test: art/test.py -b --host -r -t 137-cfi
Change-Id: I1812d2dd3ad6a69ae93ed50ca387749c649289b9
|
|
This uses an experimental Linux kernel API for reading the tags across
processes using ptrace.
Bug: 135772972
Test: Unit tests pass.
Change-Id: Ib1a09d9219166011de80cf250b756bb8a4bcdb0a
|
|
Add a number of benchmarks to time how long it takes to look
up symbols.
Test: Ran benchmarks on device.
Change-Id: Iab7aab3f60c2c7056395beca3d36263420bcb5dc
|
|
If the Dex file we're trying to examine is already within the unwinder's
address space, we don't need to load it from disk or copy it across
processes.
This avoids using up virtual address space to map in dex files, and
also should be a bit faster to read since it won't go out to the file.
Patch by Chris Sarbora
Test: Ran new unit tests.
Test: Ran 137-cfi art test.
Change-Id: I949457856f051cca11b9020e9da3a41bbf6e5c8e
|
|
This was sometimes causing build ids to be truncated, probably because
of memory corruption in std::string. A similar off-by-one was fixed in
ReadBuildID in aosp/939619.
Bug: 129873279
Change-Id: I401fe7f991dbd135f5b4836381b48ea3c6a2243f
|
|
GWP-ASan uses frame-pointer based unwinding internally on
allocation/deallocation to collect stack traces that are used when
crashes are reported.
This should be generic, so pull it out into libunwindstack so it can be
used by MTE as well.
Bug: 152412331
Test: atest debuggerd_test
Change-Id: I27b32263aac63446f5fe398af108676b70cd3971
|
|
|
|
|
|
The DexFile handle is allocated from heap in OpenFromFd/OpenFromMemory.
After releasing the unique_ptr, the DexFile handle itself is no longer
managed by the smart pointer. However, the DexFile handle is not freed
in the constructor of DexFileFromFile/DexFileFromMemory.
This change uses get() method to get the DexFile pointer while allowing
it to be managed by smart pointer so that it can be freed after method
end.
Added new unit tests to detect leaks.
Bug: 151966190
Test: Unwinding can still retrieve dex frame information during crash.
Test: Ran new unit tests before change and verified they fail, ran them
Test: after the change and verified they don't fail.
Signed-off-by: Yong Li <yongl0722@gmail.com>
Change-Id: I0627e1e255eb6644aba51e940c1a79ff78d568d7
|
|
We're now using it in contexts that don't have all of the registers available,
such as GWP-ASan and soon MTE, so it doesn't make sense to have it be a
member function of Regs.
Bug: 135772972
Change-Id: I18b104ea0adb78588d7e475d0624cefc701ba52c
|
|
- Create a static library libunwindstack_no_dex without DEX support.
- Use it in libdebuggerd_handler_fallback, whose only use is in the
linker, which shouldn't need that support.
- Use it in init_first_stage, which doesn't need DEX support either.
- Also need a libbacktrace_no_dex since it's in the dependency chain
from init_first_stage to libunwindstack_no_dex.
Also restrict the *_no_dex libs and libdebuggerd_handler_fallback as
much as possible to avoid inadvertent use of these reduced
functionality libs.
Test: m init_first_stage on Cuttlefish
where BOARD_BUILD_SYSTEM_ROOT_IMAGE=false
Test: m system_image com.android.runtime
Test: Build & boot
Test: atest linker-unit-tests libunwindstack_unit_test debuggerd_test
Bug: 142944931
Bug: 151466650
Change-Id: Iaacb29bfe602f3ca12a00a712e2a64c45ff0118b
|
|
For now this leaves the ability to cross-unwind a mips process, but we
should probably clean that up too. We need to remove the build remnants so
that we can clean up the build system itself (otherwise it sees us talking
about an architecture it doesn't know about, and assumes that something's
wrong).
Test: treehugger
Change-Id: I2862c630cec95dbdd474e34c3568d0e1a6d44b16
|
|
Simplify and fix the algorithm.
For consecutive functions (eg [10,20] [20,30]) without
padding in between, the old algorithm would drop FDEs.
Test: libunwindstack_test
Change-Id: Ie886922bec262fb64d4b2ecf01c2961d0652dcdb
|
|
|
|
Bug: none
Test: run `atest --test-mapping system/core/libunwindstack`.
Change-Id: I62521f63ca748bb1980282ed6399328573d4de41
|
|
The memcpy should be for 31 GPRs, [x0, x30]. Currently it (accidentally)
also copies over the SP register (which ends up being harmless, as the
layouts match, and the value is reassigned again anyway).
Separately, I'm including an optional change for the iteration order,
since LR is the x30 GPR, it makes slightly more sense to print it
immediately after x29. However, this is a change in behaviour, so I can
undo the change if you think it's not worth it.
Tested: atest libunwindstack_unit_test
Change-Id: Ib6b81f8ee3a9a526bfabe4b09b327f083c855fb8
|
|
Recently, the maps for an elf in memory might show up looking like:
f0000-f1000 0 r-- /system/lib/libc.so
f1000-f2000 0 ---
f2000-f3000 1000 r-x /system/lib/libc.so
f3000-f4000 2000 rw- /system/lib/libc.so
The problem is that there is logic in the code that assumed that the
map before the execute map must be the read-only map. In the case
above, this is not true. Add a new prev_real_map that will point
to the previous map that is not one of these empty maps.
This will fix the backtraces that look like this:
#00 pc 0000000000050d58 /apex/com.android.runtime/lib64/bionic/libc.so!libc.so (offset 0x50000) (syscall+24) (BuildId: 5252408bf30e395d49ee270b54c77ca4)
To get rid of the !libc.so and the offset value, which is not correct.
Added new unit tests to verify this.
Added new offline test which an empty map between read-only and execute
map. Before this change, the backtraces had lines like
libc.so!libc.so (offset XXX) would be present.
Bug: 148075852
Test: Ran unit tests.
Change-Id: Ie04bfc96b8f91ed885cb1e655cf1e346efe48a45
|
|
Recently, the maps for an elf in memory might show up looking like:
f0000-f1000 0 r-- /system/lib/libc.so
f1000-f2000 0 ---
f2000-f3000 1000 r-x /system/lib/libc.so
f3000-f4000 2000 rw- /system/lib/libc.so
That empty map was confusing the logic when looking for a global
variable. Now this case is handled properly.
New unit test added for this case.
Bug: 147910661
Test: Ran unit tests.
Test: Ran original failing test 137-cfi.
Change-Id: Ida2e96d1da5e1bf61f41646949fe5a2d405c0d61
|
