1 // Copyright (c) 2010 Google Inc.
2 // All rights reserved.
3 //
4 // Redistribution and use in source and binary forms, with or without
5 // modification, are permitted provided that the following conditions are
6 // met:
7 //
8 //     * Redistributions of source code must retain the above copyright
9 // notice, this list of conditions and the following disclaimer.
10 //     * Redistributions in binary form must reproduce the above
11 // copyright notice, this list of conditions and the following disclaimer
12 // in the documentation and/or other materials provided with the
13 // distribution.
14 //     * Neither the name of Google Inc. nor the names of its
15 // contributors may be used to endorse or promote products derived from
16 // this software without specific prior written permission.
17 //
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 
30 // stackwalker.cc: Generic stackwalker.
31 //
32 // See stackwalker.h for documentation.
33 //
34 // Author: Mark Mentovai
35 
36 #include "google_breakpad/processor/stackwalker.h"
37 
38 #include <assert.h>
39 
40 #include "common/scoped_ptr.h"
41 #include "google_breakpad/processor/call_stack.h"
42 #include "google_breakpad/processor/code_module.h"
43 #include "google_breakpad/processor/code_modules.h"
44 #include "google_breakpad/processor/dump_context.h"
45 #include "google_breakpad/processor/stack_frame.h"
46 #include "google_breakpad/processor/stack_frame_symbolizer.h"
47 #include "google_breakpad/processor/system_info.h"
48 #include "processor/linked_ptr.h"
49 #include "processor/logging.h"
50 #include "processor/stackwalker_ppc.h"
51 #include "processor/stackwalker_ppc64.h"
52 #include "processor/stackwalker_sparc.h"
53 #include "processor/stackwalker_x86.h"
54 #include "processor/stackwalker_amd64.h"
55 #include "processor/stackwalker_arm.h"
56 #include "processor/stackwalker_arm64.h"
57 #include "processor/stackwalker_mips.h"
58 
59 namespace google_breakpad {
60 
61 const int Stackwalker::kRASearchWords = 40;
62 
63 // This default is just a sanity check: a large enough value
64 // that allow capturing unbounded recursion traces, yet provide a
65 // guardrail against stack walking bugs. The stack walking invariants
66 // guarantee that the unwinding process is strictly monotonic and
67 // practically bounded by the size of the stack memory range.
68 uint32_t Stackwalker::max_frames_ = 1 << 20;  // 1M
69 bool Stackwalker::max_frames_set_ = false;
70 
71 uint32_t Stackwalker::max_frames_scanned_ = 1 << 14;  // 16k
72 
Stackwalker(const SystemInfo * system_info,MemoryRegion * memory,const CodeModules * modules,StackFrameSymbolizer * frame_symbolizer)73 Stackwalker::Stackwalker(const SystemInfo* system_info,
74                          MemoryRegion* memory,
75                          const CodeModules* modules,
76                          StackFrameSymbolizer* frame_symbolizer)
77     : system_info_(system_info),
78       memory_(memory),
79       modules_(modules),
80       unloaded_modules_(NULL),
81       frame_symbolizer_(frame_symbolizer) {
82   assert(frame_symbolizer_);
83 }
84 
InsertSpecialAttentionModule(StackFrameSymbolizer::SymbolizerResult symbolizer_result,const CodeModule * module,vector<const CodeModule * > * modules)85 void InsertSpecialAttentionModule(
86     StackFrameSymbolizer::SymbolizerResult symbolizer_result,
87     const CodeModule* module,
88     vector<const CodeModule*>* modules) {
89   if (!module) {
90     return;
91   }
92   assert(symbolizer_result == StackFrameSymbolizer::kError ||
93          symbolizer_result == StackFrameSymbolizer::kWarningCorruptSymbols);
94   bool found = false;
95   vector<const CodeModule*>::iterator iter;
96   for (iter = modules->begin(); iter != modules->end(); ++iter) {
97     if (*iter == module) {
98       found = true;
99       break;
100     }
101   }
102   if (!found) {
103     BPLOG(INFO) << ((symbolizer_result == StackFrameSymbolizer::kError) ?
104                        "Couldn't load symbols for: " :
105                        "Detected corrupt symbols for: ")
106                 << module->debug_file() << "|" << module->debug_identifier();
107     modules->push_back(module);
108   }
109 }
110 
Walk(CallStack * stack,vector<const CodeModule * > * modules_without_symbols,vector<const CodeModule * > * modules_with_corrupt_symbols)111 bool Stackwalker::Walk(
112     CallStack* stack,
113     vector<const CodeModule*>* modules_without_symbols,
114     vector<const CodeModule*>* modules_with_corrupt_symbols) {
115   BPLOG_IF(ERROR, !stack) << "Stackwalker::Walk requires |stack|";
116   assert(stack);
117   stack->Clear();
118 
119   BPLOG_IF(ERROR, !modules_without_symbols) << "Stackwalker::Walk requires "
120                                             << "|modules_without_symbols|";
121   BPLOG_IF(ERROR, !modules_without_symbols) << "Stackwalker::Walk requires "
122                                             << "|modules_with_corrupt_symbols|";
123   assert(modules_without_symbols);
124   assert(modules_with_corrupt_symbols);
125 
126   // Begin with the context frame, and keep getting callers until there are
127   // no more.
128 
129   // Keep track of the number of scanned or otherwise dubious frames seen
130   // so far, as the caller may have set a limit.
131   uint32_t scanned_frames = 0;
132 
133   // Take ownership of the pointer returned by GetContextFrame.
134   scoped_ptr<StackFrame> frame(GetContextFrame());
135 
136   while (frame.get()) {
137     // frame already contains a good frame with properly set instruction and
138     // frame_pointer fields.  The frame structure comes from either the
139     // context frame (above) or a caller frame (below).
140 
141     // Resolve the module information, if a module map was provided.
142     StackFrameSymbolizer::SymbolizerResult symbolizer_result =
143         frame_symbolizer_->FillSourceLineInfo(modules_, unloaded_modules_,
144                                               system_info_,
145                                               frame.get());
146     switch (symbolizer_result) {
147       case StackFrameSymbolizer::kInterrupt:
148         BPLOG(INFO) << "Stack walk is interrupted.";
149         return false;
150         break;
151       case StackFrameSymbolizer::kError:
152         InsertSpecialAttentionModule(symbolizer_result, frame->module,
153                                      modules_without_symbols);
154         break;
155       case StackFrameSymbolizer::kWarningCorruptSymbols:
156         InsertSpecialAttentionModule(symbolizer_result, frame->module,
157                                      modules_with_corrupt_symbols);
158         break;
159       case StackFrameSymbolizer::kNoError:
160         break;
161       default:
162         assert(false);
163         break;
164     }
165 
166     // Keep track of the number of dubious frames so far.
167     switch (frame.get()->trust) {
168        case StackFrame::FRAME_TRUST_NONE:
169        case StackFrame::FRAME_TRUST_SCAN:
170        case StackFrame::FRAME_TRUST_CFI_SCAN:
171          scanned_frames++;
172          break;
173       default:
174         break;
175     }
176 
177     // Add the frame to the call stack.  Relinquish the ownership claim
178     // over the frame, because the stack now owns it.
179     stack->frames_.push_back(frame.release());
180     if (stack->frames_.size() > max_frames_) {
181       // Only emit an error message in the case where the limit
182       // reached is the default limit, not set by the user.
183       if (!max_frames_set_)
184         BPLOG(ERROR) << "The stack is over " << max_frames_ << " frames.";
185       break;
186     }
187 
188     // Get the next frame and take ownership.
189     bool stack_scan_allowed = scanned_frames < max_frames_scanned_;
190     frame.reset(GetCallerFrame(stack, stack_scan_allowed));
191   }
192 
193   return true;
194 }
195 
196 // static
StackwalkerForCPU(const SystemInfo * system_info,DumpContext * context,MemoryRegion * memory,const CodeModules * modules,const CodeModules * unloaded_modules,StackFrameSymbolizer * frame_symbolizer)197 Stackwalker* Stackwalker::StackwalkerForCPU(
198     const SystemInfo* system_info,
199     DumpContext* context,
200     MemoryRegion* memory,
201     const CodeModules* modules,
202     const CodeModules* unloaded_modules,
203     StackFrameSymbolizer* frame_symbolizer) {
204   if (!context) {
205     BPLOG(ERROR) << "Can't choose a stackwalker implementation without context";
206     return NULL;
207   }
208 
209   Stackwalker* cpu_stackwalker = NULL;
210 
211   uint32_t cpu = context->GetContextCPU();
212   switch (cpu) {
213     case MD_CONTEXT_X86:
214       cpu_stackwalker = new StackwalkerX86(system_info,
215                                            context->GetContextX86(),
216                                            memory, modules, frame_symbolizer);
217       break;
218 
219     case MD_CONTEXT_PPC:
220       cpu_stackwalker = new StackwalkerPPC(system_info,
221                                            context->GetContextPPC(),
222                                            memory, modules, frame_symbolizer);
223       break;
224 
225     case MD_CONTEXT_PPC64:
226       cpu_stackwalker = new StackwalkerPPC64(system_info,
227                                              context->GetContextPPC64(),
228                                              memory, modules, frame_symbolizer);
229       break;
230 
231     case MD_CONTEXT_AMD64:
232       cpu_stackwalker = new StackwalkerAMD64(system_info,
233                                              context->GetContextAMD64(),
234                                              memory, modules, frame_symbolizer);
235       break;
236 
237     case MD_CONTEXT_SPARC:
238       cpu_stackwalker = new StackwalkerSPARC(system_info,
239                                              context->GetContextSPARC(),
240                                              memory, modules, frame_symbolizer);
241       break;
242 
243     case MD_CONTEXT_MIPS:
244     case MD_CONTEXT_MIPS64:
245       cpu_stackwalker = new StackwalkerMIPS(system_info,
246                                             context->GetContextMIPS(),
247                                             memory, modules, frame_symbolizer);
248       break;
249 
250     case MD_CONTEXT_ARM:
251     {
252       int fp_register = -1;
253       if (system_info->os_short == "ios")
254         fp_register = MD_CONTEXT_ARM_REG_IOS_FP;
255       cpu_stackwalker = new StackwalkerARM(system_info,
256                                            context->GetContextARM(),
257                                            fp_register, memory, modules,
258                                            frame_symbolizer);
259       break;
260     }
261 
262     case MD_CONTEXT_ARM64:
263       cpu_stackwalker = new StackwalkerARM64(system_info,
264                                              context->GetContextARM64(),
265                                              memory, modules,
266                                              frame_symbolizer);
267       break;
268   }
269 
270   BPLOG_IF(ERROR, !cpu_stackwalker) << "Unknown CPU type " << HexString(cpu) <<
271                                        ", can't choose a stackwalker "
272                                        "implementation";
273   if (cpu_stackwalker) {
274     cpu_stackwalker->unloaded_modules_ = unloaded_modules;
275   }
276   return cpu_stackwalker;
277 }
278 
279 // CONSIDER: check stack alignment?
TerminateWalk(uint64_t caller_ip,uint64_t caller_sp,uint64_t callee_sp,bool first_unwind) const280 bool Stackwalker::TerminateWalk(uint64_t caller_ip,
281                                 uint64_t caller_sp,
282                                 uint64_t callee_sp,
283                                 bool first_unwind) const {
284   // Treat an instruction address less than 4k as end-of-stack.
285   // (using InstructionAddressSeemsValid() here is very tempting,
286   // but we need to handle JITted code)
287   if (caller_ip < (1 << 12)) {
288     return true;
289   }
290 
291   // NOTE: The stack address range is implicitly checked
292   //   when the stack memory is accessed.
293 
294   // The stack pointer should monotonically increase. For first unwind
295   // we allow caller_sp == callee_sp to account for architectures where
296   // the return address is stored in a register (so it's possible to have
297   // leaf functions which don't move the stack pointer)
298   if (first_unwind ? (caller_sp < callee_sp) : (caller_sp <= callee_sp)) {
299     return true;
300   }
301 
302   return false;
303 }
304 
InstructionAddressSeemsValid(uint64_t address) const305 bool Stackwalker::InstructionAddressSeemsValid(uint64_t address) const {
306   StackFrame frame;
307   frame.instruction = address;
308   StackFrameSymbolizer::SymbolizerResult symbolizer_result =
309       frame_symbolizer_->FillSourceLineInfo(modules_, unloaded_modules_,
310                                             system_info_, &frame);
311 
312   if (!frame.module) {
313     // not inside any loaded module
314     return false;
315   }
316 
317   if (!frame_symbolizer_->HasImplementation()) {
318     // No valid implementation to symbolize stack frame, but the address is
319     // within a known module.
320     return true;
321   }
322 
323   if (symbolizer_result != StackFrameSymbolizer::kNoError &&
324       symbolizer_result != StackFrameSymbolizer::kWarningCorruptSymbols) {
325     // Some error occurred during symbolization, but the address is within a
326     // known module
327     return true;
328   }
329 
330   return !frame.function_name.empty();
331 }
332 
333 }  // namespace google_breakpad
334