| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| |
| |
| | |
map output."
* commit 'a82985b6686f8b47119193fee2f804376a90125b':
Include page protections in the debuggerd map output.
|
| | |
| |
| |
| |
| | |
Bug: 7941716
Change-Id: I3bf475425c628c06f7799340c8a6132aab741742
|
| |\ \
| |/
| |
| |
| |
| |
| | |
crash on another thread."
* commit '3de7fe9f40489db691407d6ebfd77cfde23d8049':
Expand crasher with a "thread-" prefix to crash on another thread.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
So "thread-nostack" runs the "nostack" code on a new thread, and
"thread-abort" runs the "abort" code on a new thread, and so on.
Bug: http://code.google.com/p/android/issues/detail?id=16672
Change-Id: I026a0e43eea147f1a7a74243846954599bcf4238
|
| |\ \
| |/
| |
| |
| | |
* commit '435c223d483c5e408fdbd7b6177e881ae445a24b':
Add missing signal codes to get_sigcode.
|
| | |
| |
| |
| |
| |
| |
| | |
The only common one we were missing is SI_TKILL, but we've had the full
set on the dalvik-dev branch for some time now.
Change-Id: I7cf52d352b8624e0adb17a2ed440e7a10f490dfd
|
| |/
|
|
|
|
|
|
|
|
| |
If somebody sends debuggerd bad data, it logs a complaint
but doesn't give any indication of the source. Now we show
the pid and uid we get from SO_PEERCRED.
Bug 7704699
Change-Id: I2738eb972932cc868ad969b60e16dd0b623212a1
|
| |\
| |
| |
| |
| | |
* commit 'a6fb0e05aa95995445c6f2b65f07db26bdbfd46c':
Fix debuggerd's use of readdir_r(3).
|
| | |
| |
| |
| | |
Change-Id: I1b178af054cefebfb774320e4b4699d6dc8bbb01
|
| |\ \
| |/
| |
| |
| | |
* commit '7b88a90da2a27e347fc16c14fa577f4ae1ef07fd':
Remove HAVE_SELINUX guards
|
| | |
| |
| |
| | |
Change-Id: I8272c573b3c5dc663203bafab68fad5e94d89364
|
| | |
| |
| |
| |
| | |
Bug: 7216522
Change-Id: Iddcec8399b00ad411be6863dd866a3f74377ba03
|
| |/
|
|
|
| |
Bug: 7168261
Change-Id: Icb412760d018e4bbb1a5d742ed7d484d5cf6b470
|
| |
|
|
| |
Change-Id: I5a241dc2e470148be0ad2c138e31f1aba5ab8812
|
| |
|
|
|
|
|
|
| |
Restore the security contexts of tombstone directory
when initially created.
Change-Id: I25b53730991576eccb62ca57050decd584acc639
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
|
| |\
| |
| |
| |
| | |
* commit '9cec175c66100d9edbb1054f3f2977a5c3f80af2':
Remove a stray newline in the backtrace output.
|
| | |
| |
| |
| |
| | |
Bug: 6615693
Change-Id: I1ac1746286afb77c3f5c4042c4592333ebb08a51
|
| |\ \
| |/
| |
| | |
Change-Id: Idfef8c26b7a9e1a1a202e21dc5d34022bbaa92cc
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Provides a new mechanism for dumpstate (while running as root)
to request that debuggerd dump the stacks of native processes that
we care about in bug reports. In this mode, the backtrace
is formatted to look similar to a Dalvik backtrace.
Moved the tombstone generating code into a separate file to
make it easier to maintain.
Fixed a bug where sometimes the stack traces would be incomplete
because we were not waiting for each thread to stop after issuing
PTRACE_ATTACH, only the main thread. So sometimes we were missing
traces for some threads.
Refactored the logging code to prevent accidentally writing data
to logcat when explicitly dumping a tombstone or backtrace from the
console.
Only root or system server can request to dump backtraces but
only root can dump tombstones.
Bug: 6615693
Change-Id: Ib3edcc16f9f3a687e414e3f2d250d9500566123b
|
| |/
|
|
| |
Change-Id: Ie2af6aab7e236c31bb7a607659813218ef9c5400
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some changes to debuggerd:
(1) Send a SIGSTOP to the target process before doing any of the
PTRACE_ATTACH work. This causes the threads that weren't hit by
the signal to stop moving, which seems to get rid of the "ptrace
detach failed: No such process" problems that result in missed
stack traces and debuggerd self-immolation.
(2) SIGPIPE was in the list of "interesting" signals caught by
debugger_signal_handler(), but debuggerd didn't recognize it, and
you'd get "unexpected signal 13" complaints. It's now in the list.
(3) Fixed a bit-rotted XLOG.
Change-Id: I33297ea6b09ce450671c07dc25846f684afbf480
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Show the symbol offset, when available.
Centralized formatting of native stack traces in libcorkscrew.
It's handy for automated tools if all stacks look the same.
Since we already made them all look them same, we might as well
do the formatting in just one place.
Do not strip the Thumb bit on ARM. This fixes an off-by-one
issue that could happen when resolving a PC that was at the
very beginning of a Thumb function, since the symbol table would
have the Thumb bit set but since we stripped the bit from our
PC, we would be looking for an address one byte before the
one listed in the symbol table. It's also quite useful to see
whether a given function is executing in Thumb mode just by glancing
at the PC.
Change-Id: Icaa29add85ce0bcafe24d5ce2098e138d809e2ab
|
| |
|
|
|
|
|
| |
When explicitly requesting a dump, show the user the path of
the tombstone file that was generated.
Change-Id: I7fff7dea606872a61687ca087e99f604107b70c4
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Keep track of whether memory maps are readable. Use the information
in try_get_word to try to avoid accidentally dereferencing an invalid
pointer within the current process. (Note that I haven't ever
seen that happen during normal unwinding, but it pays to be
a little more careful.)
Refactored try_get_word a little to make it easier to pass it the
needed state for validation checks by way of a little memory_t struct.
Improved how the memory map for the current process is cached. This is
important because we need up to date information about readable maps.
Use a 5 second cache expiration.
Improved the PC -> LR fallback logic in the unwinder so we can
eke out an extra frame sometimes.
Fixed a bug reading ELF program headers. The phnum & phentsize
fields are half-words. We were incorrectly interpreting
phnum as a whole word.
Used android_atomic_* operations carefully in the unwinder
to prevent possible memory races between the dumper and the dumpee.
This was highly unlikely (or even impossible due to the presence
of other barriers along the way) but the code is clearer now about
its invariants.
Fixed a bug in debuggerd where the pid was being passed to have
its stack dump taken instead of the tid, resulting in short
stacks because ptrace couldn't read the data if pid != tid.
Did a full sweep to ensure that we use pid / tid correctly everywhere.
Ported old code from debuggerd to rewind the program counter back
one instruction so that it points to the branch instruction itself
instead of the return address.
Change-Id: Icc4eb08320052975a4ae7f0f5f0ac9308a2d33d7
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change modifies debuggerd so that it can be used to grab
the native stacks of a process that has hung and not just crashed.
Note that only the root user can do this (for now).
adb shell debuggerd <tid>
Then use logcat to find the tombstone file that was generated
which will have the native stacks of all threads in the
requested process. The specified thread will be shown first
and will also appear in the main log.
Also made some minor tweaks to libcorkscrew so that we
could handle statically compiled executables in the future
if we compiled the library statically.
Improved the "wait_for_user_action" function to support
volume down as an alternative for devices that do not
have home keys.
Removed a mess of gotos.
Change-Id: Ic149653986b0c2f503c7f0e8b7cb1f3be7c84d1e
|
| |
|
|
| |
Change-Id: I5e3645a39d96c808f87075b49111d0262a19a0c8
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Dump some memory at addresses for all registers that look like they
might have valid addresses. Previously this was only done for PC
and LR.
(This is expected to be disabled before ship.)
Bug 5484924
Change-Id: I9802eaa396783e1286ae0c53eaf2473892c38a02
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the tombstones are uploaded to APR, they're truncated at 64KB.
This causes the log data, which is at the end, to be lost if the
process has more than about 12 threads (which many do).
This change adds the last few lines of the log right below the
report for the crashing thread, where we should be guaranteed to
keep it.
Also, clean up trailing newlines on log messages (which end up in
the tombstone), and don't print a "------- log" banner if there
aren't any messages in that log file (e.g. slog).
Also also, don't try to show_nearby_maps unless this is the crashing
thread.
Bug 5471955
Change-Id: Iaa4fd2fafbaeda2f20bb95f202177d7744a91f9d
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes two changes:
(1) Display ASCII values next to the memory dumps. For example:
I DEBUG: 00008ac4 706f6f4c 20676e69 74206425 73656d69 Looping %d times
I DEBUG: 00008ad4 7453000a 6e69726f 6f742067 0a702520 ..Storing to %p.
I DEBUG: 00008ae4 65642f00 657a2f76 55006f72 6c62616e ./dev/zero.Unabl
(The hex values are still displayed as little-endian word values, while
the ASCII part is byte oriented.)
(2) Optionally display memory dumps for all registers, not just LR
and PC, for the crashing thread. This is meant for situations where
we crash dereferencing foo->bar and want to see what the memory near
"foo" looks like -- could be handy if it got stomped by MUTF-16 text
or something recognizable.
Change #2 is currently disabled, via a compile-time setting.
Bug 5471955
Change-Id: Iacfd01c314055bad81db2f43b7d239f10086fcfb
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Android Problem Report site shows tombstones uploaded from
devices. We can see the native stack traces for every thread,
but sometimes there's a very important bit of information sitting
in the log, and without it we can't analyze the failure.
This change modifies debuggerd so that the log contents for the
crashing process are appended to the tombstone. The format matches
the output of "logcat -v threadtime". Both "system" and "main" logs
are included (but not interleaved -- we're not that fancy).
This feature is only enabled when the "ro.debuggable" system property
is set to 1 (indicating a development device).
Bug 5456676
Change-Id: I3be1df59813ccf1058cec496a906f6d31fbc7b04
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds some additional output to native crashes. For example, if
something tried to access a bit of mmap(/dev/zero) memory that had
been mprotect()ed, you might see output like this:
I DEBUG : memory map around addr 4015a00c:
I DEBUG : 40159000-4015a000 /system/lib/libstdc++.so
I DEBUG : 4015a000-40162000 /dev/zero
I DEBUG : b0001000-b0009000 /system/bin/linker
The idea is to see what's in and around the fault address to make it
easier to identify bus errors due to file truncation and segmentation
faults caused by buffer over/underruns.
No output is generated for accesses below 0x1000 (which are likely
NULL pointer dereferences) or for signals that don't set si_addr.
Also, suppress the fault address for signals that don't set si_addr:
I DEBUG : signal 6 (SIGABRT), code 0 (?), fault addr --------
We still print "fault addr" followed by 8 characters for anything
that is parsing the contents. The "address" shown for signals like
SIGABRT was meaningless and possibly confusing.
Bug 5358516
Change-Id: Icae8ef309ea2d89b129f68d30f96b2ca8a69cc6c
|
| |
|
|
|
|
|
|
|
|
|
| |
This modifies debuggerd to sleep-poll while waiting for the target
process to crash, rather than block (potentially forever).
Also, add/fix some error reporting.
Bug 5035703
Change-Id: Id62ab79f53104927f8de684dff1a5734dbdb8390
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a process receives a fatal signal, it connects to debuggerd
and initiates a conversation over a socket. When the crashing
process is debuggerd, the conversation stalls forever, and you
stop getting native crash details.
This resets the signal handlers to SIG_DFL, so that debuggerd
simply crashes and gets restarted.
Bug 5035703
Change-Id: Ie081d710d046f701bca7e7d8ea3e1d24766d9f61
|
| |\
| |
| |
| |
| |
| |
| | |
platform."
* commit '716104b40df12d367cb5f649b92c6105d5978787':
Fix crash reporting on x86 platform.
|
| | |\
| | |
| | |
| | |
| | | |
* commit '771f5146893aa9bbc451aed78e61b3b18c1bc3b4':
Fix crash reporting on x86 platform.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Make sure that crash frame gets printed in one line
Change-Id: If097a5a1655b17165b2a3271f0f5ee8ace57686f
|
| | | |\
| | | |
| | | |
| | | |
| | | | |
* commit 'cbb9257a872a0f35b0aa1018410ca6025e628c36':
Fix debuggerd (native crash dump).
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Change 44659e90f (6cc4923087 in AOSP) introduced walking
both the symbol table and dynamic symbol table. The problem
is that it was dereferencing values whether or not the two tables
were both present, which could wind up reading from invalid memory.
The read from a bad address would cause debuggerd itself to crash,
which isn't handled.
Change-Id: Ie936f660018b1980dee5b6ed669588db861f1a79
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
separate item."
This reverts commit c031a3b006129ca408eaade325a53a334daee3b2.
Conflicts:
debuggerd/debuggerd.c
Change-Id: Ib37ae793bbffdb4a81837bc51171cc62b12abe7d
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The delta between start and end pointers in memory dump has to be
multiples of 4 or 16.
Bug: 3486787
Change-Id: Ie34aa79ffb704ca647805dbc6a16f2c35adf849c
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The structure user_vfp is incorrectly defined in bionic/libc/kernel/arch-arm/asm/ptrace.h
at the moment, while it should be under bionic/libc/kernel/arch-arm/asm/user.h instead.
Before moving its definition in the corresponding source files, we need to fix its users.
It happens that debuggerd is the only one for now, so fix this by including <linux/user.h>
instead (which will include <asm/user.h> and <asm/ptrace.h>).
Also, make the debug output less chatty by specifying all symbols to be listed
through XLOG2 instead of XLOG.
Change-Id: I16e0fa700945d86efd44ee885a84ad609c0a9b58
|
| | | |
| | |
| | |
| | |
| | |
| | | |
These are only for debuggerd testing.
Change-Id: If2d2ff85e8c182d366cc251e9446ae7fdd094e55
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This change ensures that debuggered properly releases
the signal handler that invoked it after the PTRACE_ATTACH.
The previous code simply did a close() of the file descriptor,
but for some reason, this didn't always make the read() blocking
the signal handler exit. Instead, the thread would stay blocked
and never fault, preventing the generation of a useful stack
trace.
Change-Id: I6b0579041165a710d74ec1bece113ff7b828aed4
|
| | | |
| | |
| | |
| | | |
Change-Id: Ifc5f0e8eb5fed191c39f0878869e04b4d4f3b9ca
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Change 44659e90f (6cc4923087 in AOSP) introduced walking
both the symbol table and dynamic symbol table. The problem
is that it was dereferencing values whether or not the two tables
were both present, which could wind up reading from invalid memory.
The read from a bad address would cause debuggerd itself to crash,
which isn't handled.
Change-Id: Ie936f660018b1980dee5b6ed669588db861f1a79
|
| |\ \ \
| |/ /
| | |
| | |
| | | |
* commit '44659e90fe8df25c71195936eabe0cc9158c18a6':
debuggerd: IA version
|
| | |\ \
| | |/
| | |
| | |
| | | |
* commit 'd3f59eab07d102b9506978aca9541dd62dcea919':
debuggerd: IA version
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Change-Id: I0c0d9c2d7e476b8d117aaf505a9480a47c0b5c05
Signed-off-by: Lei Li <lei.l.li@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
|
| |\ \ \
| |/ /
| | |
| | | |
Change-Id: I0ac3f88ac85bbc604fdc151768da20e86318fb46
|
| | |\ \
| | |/
| | |
| | |
| | | |
* commit 'e382cc999e48b3faabea7743ec8cec303b6005ba':
debuggerd: Reorganize to facilitate IA commit
|
