1 // Copyright (c) 2010, Google Inc. 2 // All rights reserved. 3 // 4 // Redistribution and use in source and binary forms, with or without 5 // modification, are permitted provided that the following conditions are 6 // met: 7 // 8 // * Redistributions of source code must retain the above copyright 9 // notice, this list of conditions and the following disclaimer. 10 // * Redistributions in binary form must reproduce the above 11 // copyright notice, this list of conditions and the following disclaimer 12 // in the documentation and/or other materials provided with the 13 // distribution. 14 // * Neither the name of Google Inc. nor the names of its 15 // contributors may be used to endorse or promote products derived from 16 // this software without specific prior written permission. 17 // 18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 30 // linux_dumper.h: Define the google_breakpad::LinuxDumper class, which 31 // is a base class for extracting information of a crashed process. It 32 // was originally a complete implementation using the ptrace API, but 33 // has been refactored to allow derived implementations supporting both 34 // ptrace and core dump. A portion of the original implementation is now 35 // in google_breakpad::LinuxPtraceDumper (see linux_ptrace_dumper.h for 36 // details). 37 38 #ifndef CLIENT_LINUX_MINIDUMP_WRITER_LINUX_DUMPER_H_ 39 #define CLIENT_LINUX_MINIDUMP_WRITER_LINUX_DUMPER_H_ 40 41 #include <elf.h> 42 #include <linux/limits.h> 43 #include <stdint.h> 44 #include <sys/types.h> 45 #include <sys/user.h> 46 47 #include "client/linux/dump_writer_common/mapping_info.h" 48 #include "client/linux/dump_writer_common/thread_info.h" 49 #include "common/memory.h" 50 #include "google_breakpad/common/minidump_format.h" 51 52 namespace google_breakpad { 53 54 // Typedef for our parsing of the auxv variables in /proc/pid/auxv. 55 #if defined(__i386) || defined(__ARM_EABI__) || defined(__mips__) 56 typedef Elf32_auxv_t elf_aux_entry; 57 #elif defined(__x86_64) || defined(__aarch64__) 58 typedef Elf64_auxv_t elf_aux_entry; 59 #endif 60 61 typedef __typeof__(((elf_aux_entry*) 0)->a_un.a_val) elf_aux_val_t; 62 63 // When we find the VDSO mapping in the process's address space, this 64 // is the name we use for it when writing it to the minidump. 65 // This should always be less than NAME_MAX! 66 const char kLinuxGateLibraryName[] = "linux-gate.so"; 67 68 class LinuxDumper { 69 public: 70 explicit LinuxDumper(pid_t pid); 71 72 virtual ~LinuxDumper(); 73 74 // Parse the data for |threads| and |mappings|. 75 virtual bool Init(); 76 77 // Return true if the dumper performs a post-mortem dump. 78 virtual bool IsPostMortem() const = 0; 79 80 // Suspend/resume all threads in the given process. 81 virtual bool ThreadsSuspend() = 0; 82 virtual bool ThreadsResume() = 0; 83 84 // Read information about the |index|-th thread of |threads_|. 85 // Returns true on success. One must have called |ThreadsSuspend| first. 86 virtual bool GetThreadInfoByIndex(size_t index, ThreadInfo* info) = 0; 87 88 // These are only valid after a call to |Init|. threads()89 const wasteful_vector<pid_t> &threads() { return threads_; } mappings()90 const wasteful_vector<MappingInfo*> &mappings() { return mappings_; } 91 const MappingInfo* FindMapping(const void* address) const; auxv()92 const wasteful_vector<elf_aux_val_t>& auxv() { return auxv_; } 93 94 // Find a block of memory to take as the stack given the top of stack pointer. 95 // stack: (output) the lowest address in the memory area 96 // stack_len: (output) the length of the memory area 97 // stack_top: the current top of the stack 98 bool GetStackInfo(const void** stack, size_t* stack_len, uintptr_t stack_top); 99 allocator()100 PageAllocator* allocator() { return &allocator_; } 101 102 // Copy content of |length| bytes from a given process |child|, 103 // starting from |src|, into |dest|. Returns true on success. 104 virtual bool CopyFromProcess(void* dest, pid_t child, const void* src, 105 size_t length) = 0; 106 107 // Builds a proc path for a certain pid for a node (/proc/<pid>/<node>). 108 // |path| is a character array of at least NAME_MAX bytes to return the 109 // result.|node| is the final node without any slashes. Returns true on 110 // success. 111 virtual bool BuildProcPath(char* path, pid_t pid, const char* node) const = 0; 112 113 // Generate a File ID from the .text section of a mapped entry. 114 // If not a member, mapping_id is ignored. This method can also manipulate the 115 // |mapping|.name to truncate "(deleted)" from the file name if necessary. 116 bool ElfFileIdentifierForMapping(const MappingInfo& mapping, 117 bool member, 118 unsigned int mapping_id, 119 uint8_t identifier[sizeof(MDGUID)]); 120 crash_address()121 uintptr_t crash_address() const { return crash_address_; } set_crash_address(uintptr_t crash_address)122 void set_crash_address(uintptr_t crash_address) { 123 crash_address_ = crash_address; 124 } 125 crash_signal()126 int crash_signal() const { return crash_signal_; } set_crash_signal(int crash_signal)127 void set_crash_signal(int crash_signal) { crash_signal_ = crash_signal; } 128 crash_thread()129 pid_t crash_thread() const { return crash_thread_; } set_crash_thread(pid_t crash_thread)130 void set_crash_thread(pid_t crash_thread) { crash_thread_ = crash_thread; } 131 132 // Extracts the effective path and file name of from |mapping|. In most cases 133 // the effective name/path are just the mapping's path and basename. In some 134 // other cases, however, a library can be mapped from an archive (e.g., when 135 // loading .so libs from an apk on Android) and this method is able to 136 // reconstruct the original file name. 137 static void GetMappingEffectiveNameAndPath(const MappingInfo& mapping, 138 char* file_path, 139 size_t file_path_size, 140 char* file_name, 141 size_t file_name_size); 142 143 protected: 144 bool ReadAuxv(); 145 146 virtual bool EnumerateMappings(); 147 148 virtual bool EnumerateThreads() = 0; 149 150 // For the case where a running program has been deleted, it'll show up in 151 // /proc/pid/maps as "/path/to/program (deleted)". If this is the case, then 152 // see if '/path/to/program (deleted)' matches /proc/pid/exe and return 153 // /proc/pid/exe in |path| so ELF identifier generation works correctly. This 154 // also checks to see if '/path/to/program (deleted)' exists, so it does not 155 // get fooled by a poorly named binary. 156 // For programs that don't end with ' (deleted)', this is a no-op. 157 // This assumes |path| is a buffer with length NAME_MAX. 158 // Returns true if |path| is modified. 159 bool HandleDeletedFileInMapping(char* path) const; 160 161 // ID of the crashed process. 162 const pid_t pid_; 163 164 // Virtual address at which the process crashed. 165 uintptr_t crash_address_; 166 167 // Signal that terminated the crashed process. 168 int crash_signal_; 169 170 // ID of the crashed thread. 171 pid_t crash_thread_; 172 173 mutable PageAllocator allocator_; 174 175 // IDs of all the threads. 176 wasteful_vector<pid_t> threads_; 177 178 // Info from /proc/<pid>/maps. 179 wasteful_vector<MappingInfo*> mappings_; 180 181 // Info from /proc/<pid>/auxv 182 wasteful_vector<elf_aux_val_t> auxv_; 183 }; 184 185 } // namespace google_breakpad 186 187 #endif // CLIENT_LINUX_HANDLER_LINUX_DUMPER_H_ 188