1// Copyright 2017 The Abseil Authors. 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// https://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14// 15// Produce stack trace 16 17#ifndef ABSL_DEBUGGING_INTERNAL_STACKTRACE_X86_INL_INC_ 18#define ABSL_DEBUGGING_INTERNAL_STACKTRACE_X86_INL_INC_ 19 20#if defined(__linux__) && (defined(__i386__) || defined(__x86_64__)) 21#include <ucontext.h> // for ucontext_t 22#endif 23 24#if !defined(_WIN32) 25#include <unistd.h> 26#endif 27 28#include <cassert> 29#include <cstdint> 30 31#include "absl/base/macros.h" 32#include "absl/base/port.h" 33#include "absl/debugging/internal/address_is_readable.h" 34#include "absl/debugging/internal/vdso_support.h" // a no-op on non-elf or non-glibc systems 35#include "absl/debugging/stacktrace.h" 36 37#include "absl/base/internal/raw_logging.h" 38 39using absl::debugging_internal::AddressIsReadable; 40 41#if defined(__linux__) && defined(__i386__) 42// Count "push %reg" instructions in VDSO __kernel_vsyscall(), 43// preceeding "syscall" or "sysenter". 44// If __kernel_vsyscall uses frame pointer, answer 0. 45// 46// kMaxBytes tells how many instruction bytes of __kernel_vsyscall 47// to analyze before giving up. Up to kMaxBytes+1 bytes of 48// instructions could be accessed. 49// 50// Here are known __kernel_vsyscall instruction sequences: 51// 52// SYSENTER (linux-2.6.26/arch/x86/vdso/vdso32/sysenter.S). 53// Used on Intel. 54// 0xffffe400 <__kernel_vsyscall+0>: push %ecx 55// 0xffffe401 <__kernel_vsyscall+1>: push %edx 56// 0xffffe402 <__kernel_vsyscall+2>: push %ebp 57// 0xffffe403 <__kernel_vsyscall+3>: mov %esp,%ebp 58// 0xffffe405 <__kernel_vsyscall+5>: sysenter 59// 60// SYSCALL (see linux-2.6.26/arch/x86/vdso/vdso32/syscall.S). 61// Used on AMD. 62// 0xffffe400 <__kernel_vsyscall+0>: push %ebp 63// 0xffffe401 <__kernel_vsyscall+1>: mov %ecx,%ebp 64// 0xffffe403 <__kernel_vsyscall+3>: syscall 65// 66 67// The sequence below isn't actually expected in Google fleet, 68// here only for completeness. Remove this comment from OSS release. 69 70// i386 (see linux-2.6.26/arch/x86/vdso/vdso32/int80.S) 71// 0xffffe400 <__kernel_vsyscall+0>: int $0x80 72// 0xffffe401 <__kernel_vsyscall+1>: ret 73// 74static const int kMaxBytes = 10; 75 76// We use assert()s instead of DCHECK()s -- this is too low level 77// for DCHECK(). 78 79static int CountPushInstructions(const unsigned char *const addr) { 80 int result = 0; 81 for (int i = 0; i < kMaxBytes; ++i) { 82 if (addr[i] == 0x89) { 83 // "mov reg,reg" 84 if (addr[i + 1] == 0xE5) { 85 // Found "mov %esp,%ebp". 86 return 0; 87 } 88 ++i; // Skip register encoding byte. 89 } else if (addr[i] == 0x0F && 90 (addr[i + 1] == 0x34 || addr[i + 1] == 0x05)) { 91 // Found "sysenter" or "syscall". 92 return result; 93 } else if ((addr[i] & 0xF0) == 0x50) { 94 // Found "push %reg". 95 ++result; 96 } else if (addr[i] == 0xCD && addr[i + 1] == 0x80) { 97 // Found "int $0x80" 98 assert(result == 0); 99 return 0; 100 } else { 101 // Unexpected instruction. 102 assert(false && "unexpected instruction in __kernel_vsyscall"); 103 return 0; 104 } 105 } 106 // Unexpected: didn't find SYSENTER or SYSCALL in 107 // [__kernel_vsyscall, __kernel_vsyscall + kMaxBytes) interval. 108 assert(false && "did not find SYSENTER or SYSCALL in __kernel_vsyscall"); 109 return 0; 110} 111#endif 112 113// Assume stack frames larger than 100,000 bytes are bogus. 114static const int kMaxFrameBytes = 100000; 115 116// Returns the stack frame pointer from signal context, 0 if unknown. 117// vuc is a ucontext_t *. We use void* to avoid the use 118// of ucontext_t on non-POSIX systems. 119static uintptr_t GetFP(const void *vuc) { 120#if !defined(__linux__) 121 static_cast<void>(vuc); // Avoid an unused argument compiler warning. 122#else 123 if (vuc != nullptr) { 124 auto *uc = reinterpret_cast<const ucontext_t *>(vuc); 125#if defined(__i386__) 126 const auto bp = uc->uc_mcontext.gregs[REG_EBP]; 127 const auto sp = uc->uc_mcontext.gregs[REG_ESP]; 128#elif defined(__x86_64__) 129 const auto bp = uc->uc_mcontext.gregs[REG_RBP]; 130 const auto sp = uc->uc_mcontext.gregs[REG_RSP]; 131#else 132 const uintptr_t bp = 0; 133 const uintptr_t sp = 0; 134#endif 135 // Sanity-check that the base pointer is valid. It's possible that some 136 // code in the process is compiled with --copt=-fomit-frame-pointer or 137 // --copt=-momit-leaf-frame-pointer. 138 // 139 // TODO(bcmills): -momit-leaf-frame-pointer is currently the default 140 // behavior when building with clang. Talk to the C++ toolchain team about 141 // fixing that. 142 if (bp >= sp && bp - sp <= kMaxFrameBytes) return bp; 143 144 // If bp isn't a plausible frame pointer, return the stack pointer instead. 145 // If we're lucky, it points to the start of a stack frame; otherwise, we'll 146 // get one frame of garbage in the stack trace and fail the sanity check on 147 // the next iteration. 148 return sp; 149 } 150#endif 151 return 0; 152} 153 154// Given a pointer to a stack frame, locate and return the calling 155// stackframe, or return null if no stackframe can be found. Perform sanity 156// checks (the strictness of which is controlled by the boolean parameter 157// "STRICT_UNWINDING") to reduce the chance that a bad pointer is returned. 158template <bool STRICT_UNWINDING, bool WITH_CONTEXT> 159ABSL_ATTRIBUTE_NO_SANITIZE_ADDRESS // May read random elements from stack. 160ABSL_ATTRIBUTE_NO_SANITIZE_MEMORY // May read random elements from stack. 161static void **NextStackFrame(void **old_fp, const void *uc) { 162 void **new_fp = (void **)*old_fp; 163 164#if defined(__linux__) && defined(__i386__) 165 if (WITH_CONTEXT && uc != nullptr) { 166 // How many "push %reg" instructions are there at __kernel_vsyscall? 167 // This is constant for a given kernel and processor, so compute 168 // it only once. 169 static int num_push_instructions = -1; // Sentinel: not computed yet. 170 // Initialize with sentinel value: __kernel_rt_sigreturn can not possibly 171 // be there. 172 static const unsigned char *kernel_rt_sigreturn_address = nullptr; 173 static const unsigned char *kernel_vsyscall_address = nullptr; 174 if (num_push_instructions == -1) { 175#ifdef ABSL_HAVE_VDSO_SUPPORT 176 absl::debugging_internal::VDSOSupport vdso; 177 if (vdso.IsPresent()) { 178 absl::debugging_internal::VDSOSupport::SymbolInfo 179 rt_sigreturn_symbol_info; 180 absl::debugging_internal::VDSOSupport::SymbolInfo vsyscall_symbol_info; 181 if (!vdso.LookupSymbol("__kernel_rt_sigreturn", "LINUX_2.5", STT_FUNC, 182 &rt_sigreturn_symbol_info) || 183 !vdso.LookupSymbol("__kernel_vsyscall", "LINUX_2.5", STT_FUNC, 184 &vsyscall_symbol_info) || 185 rt_sigreturn_symbol_info.address == nullptr || 186 vsyscall_symbol_info.address == nullptr) { 187 // Unexpected: 32-bit VDSO is present, yet one of the expected 188 // symbols is missing or null. 189 assert(false && "VDSO is present, but doesn't have expected symbols"); 190 num_push_instructions = 0; 191 } else { 192 kernel_rt_sigreturn_address = 193 reinterpret_cast<const unsigned char *>( 194 rt_sigreturn_symbol_info.address); 195 kernel_vsyscall_address = 196 reinterpret_cast<const unsigned char *>( 197 vsyscall_symbol_info.address); 198 num_push_instructions = 199 CountPushInstructions(kernel_vsyscall_address); 200 } 201 } else { 202 num_push_instructions = 0; 203 } 204#else // ABSL_HAVE_VDSO_SUPPORT 205 num_push_instructions = 0; 206#endif // ABSL_HAVE_VDSO_SUPPORT 207 } 208 if (num_push_instructions != 0 && kernel_rt_sigreturn_address != nullptr && 209 old_fp[1] == kernel_rt_sigreturn_address) { 210 const ucontext_t *ucv = static_cast<const ucontext_t *>(uc); 211 // This kernel does not use frame pointer in its VDSO code, 212 // and so %ebp is not suitable for unwinding. 213 void **const reg_ebp = 214 reinterpret_cast<void **>(ucv->uc_mcontext.gregs[REG_EBP]); 215 const unsigned char *const reg_eip = 216 reinterpret_cast<unsigned char *>(ucv->uc_mcontext.gregs[REG_EIP]); 217 if (new_fp == reg_ebp && kernel_vsyscall_address <= reg_eip && 218 reg_eip - kernel_vsyscall_address < kMaxBytes) { 219 // We "stepped up" to __kernel_vsyscall, but %ebp is not usable. 220 // Restore from 'ucv' instead. 221 void **const reg_esp = 222 reinterpret_cast<void **>(ucv->uc_mcontext.gregs[REG_ESP]); 223 // Check that alleged %esp is not null and is reasonably aligned. 224 if (reg_esp && 225 ((uintptr_t)reg_esp & (sizeof(reg_esp) - 1)) == 0) { 226 // Check that alleged %esp is actually readable. This is to prevent 227 // "double fault" in case we hit the first fault due to e.g. stack 228 // corruption. 229 void *const reg_esp2 = reg_esp[num_push_instructions - 1]; 230 if (AddressIsReadable(reg_esp2)) { 231 // Alleged %esp is readable, use it for further unwinding. 232 new_fp = reinterpret_cast<void **>(reg_esp2); 233 } 234 } 235 } 236 } 237 } 238#endif 239 240 const uintptr_t old_fp_u = reinterpret_cast<uintptr_t>(old_fp); 241 const uintptr_t new_fp_u = reinterpret_cast<uintptr_t>(new_fp); 242 243 // Check that the transition from frame pointer old_fp to frame 244 // pointer new_fp isn't clearly bogus. Skip the checks if new_fp 245 // matches the signal context, so that we don't skip out early when 246 // using an alternate signal stack. 247 // 248 // TODO(bcmills): The GetFP call should be completely unnecessary when 249 // ENABLE_COMBINED_UNWINDER is set (because we should be back in the thread's 250 // stack by this point), but it is empirically still needed (e.g. when the 251 // stack includes a call to abort). unw_get_reg returns UNW_EBADREG for some 252 // frames. Figure out why GetValidFrameAddr and/or libunwind isn't doing what 253 // it's supposed to. 254 if (STRICT_UNWINDING && 255 (!WITH_CONTEXT || uc == nullptr || new_fp_u != GetFP(uc))) { 256 // With the stack growing downwards, older stack frame must be 257 // at a greater address that the current one. 258 if (new_fp_u <= old_fp_u) return nullptr; 259 if (new_fp_u - old_fp_u > kMaxFrameBytes) return nullptr; 260 } else { 261 if (new_fp == nullptr) return nullptr; // skip AddressIsReadable() below 262 // In the non-strict mode, allow discontiguous stack frames. 263 // (alternate-signal-stacks for example). 264 if (new_fp == old_fp) return nullptr; 265 } 266 267 if (new_fp_u & (sizeof(void *) - 1)) return nullptr; 268#ifdef __i386__ 269 // On 32-bit machines, the stack pointer can be very close to 270 // 0xffffffff, so we explicitly check for a pointer into the 271 // last two pages in the address space 272 if (new_fp_u >= 0xffffe000) return nullptr; 273#endif 274#if !defined(_WIN32) 275 if (!STRICT_UNWINDING) { 276 // Lax sanity checks cause a crash in 32-bit tcmalloc/crash_reason_test 277 // on AMD-based machines with VDSO-enabled kernels. 278 // Make an extra sanity check to insure new_fp is readable. 279 // Note: NextStackFrame<false>() is only called while the program 280 // is already on its last leg, so it's ok to be slow here. 281 282 if (!AddressIsReadable(new_fp)) { 283 return nullptr; 284 } 285 } 286#endif 287 return new_fp; 288} 289 290template <bool IS_STACK_FRAMES, bool IS_WITH_CONTEXT> 291ABSL_ATTRIBUTE_NO_SANITIZE_ADDRESS // May read random elements from stack. 292ABSL_ATTRIBUTE_NO_SANITIZE_MEMORY // May read random elements from stack. 293ABSL_ATTRIBUTE_NOINLINE 294static int UnwindImpl(void **result, int *sizes, int max_depth, int skip_count, 295 const void *ucp, int *min_dropped_frames) { 296 int n = 0; 297 void **fp = reinterpret_cast<void **>(__builtin_frame_address(0)); 298 299 while (fp && n < max_depth) { 300 if (*(fp + 1) == reinterpret_cast<void *>(0)) { 301 // In 64-bit code, we often see a frame that 302 // points to itself and has a return address of 0. 303 break; 304 } 305 void **next_fp = NextStackFrame<!IS_STACK_FRAMES, IS_WITH_CONTEXT>(fp, ucp); 306 if (skip_count > 0) { 307 skip_count--; 308 } else { 309 result[n] = *(fp + 1); 310 if (IS_STACK_FRAMES) { 311 if (next_fp > fp) { 312 sizes[n] = (uintptr_t)next_fp - (uintptr_t)fp; 313 } else { 314 // A frame-size of 0 is used to indicate unknown frame size. 315 sizes[n] = 0; 316 } 317 } 318 n++; 319 } 320 fp = next_fp; 321 } 322 if (min_dropped_frames != nullptr) { 323 // Implementation detail: we clamp the max of frames we are willing to 324 // count, so as not to spend too much time in the loop below. 325 const int kMaxUnwind = 1000; 326 int j = 0; 327 for (; fp != nullptr && j < kMaxUnwind; j++) { 328 fp = NextStackFrame<!IS_STACK_FRAMES, IS_WITH_CONTEXT>(fp, ucp); 329 } 330 *min_dropped_frames = j; 331 } 332 return n; 333} 334 335namespace absl { 336ABSL_NAMESPACE_BEGIN 337namespace debugging_internal { 338bool StackTraceWorksForTest() { 339 return true; 340} 341} // namespace debugging_internal 342ABSL_NAMESPACE_END 343} // namespace absl 344 345#endif // ABSL_DEBUGGING_INTERNAL_STACKTRACE_X86_INL_INC_ 346