| blob | 2fefc5bf4dbacffe09facf4ca9eb3019f8864229 |
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 /* API for getting a stack trace of the C/C++ stack on the current thread */
13 #ifdef XP_WIN
15 # include <io.h>
16 #else
17 # include <unistd.h>
18 #endif
21 #include <string.h>
23 #if defined(ANDROID) && defined(MOZ_LINKER)
25 # include <android/log.h>
26 #endif
30 // for _Unwind_Backtrace from libcxxrt or libunwind
31 // cxxabi.h from libcxxrt implicitly includes unwind.h first
32 #if defined(HAVE__UNWIND_BACKTRACE) && !defined(_GNU_SOURCE)
33 # define _GNU_SOURCE
34 #endif
36 #if defined(HAVE_DLOPEN) || defined(XP_DARWIN)
37 # include <dlfcn.h>
38 #endif
40 #if (defined(XP_DARWIN) && \
41 (defined(__i386) || defined(__ppc__) || defined(HAVE__UNWIND_BACKTRACE)))
42 # define MOZ_STACKWALK_SUPPORTS_MACOSX 1
43 #else
44 # define MOZ_STACKWALK_SUPPORTS_MACOSX 0
45 #endif
47 #if (defined(linux) && \
48 ((defined(__GNUC__) && (defined(__i386) || defined(PPC))) || \
49 defined(HAVE__UNWIND_BACKTRACE)))
50 # define MOZ_STACKWALK_SUPPORTS_LINUX 1
51 #else
52 # define MOZ_STACKWALK_SUPPORTS_LINUX 0
53 #endif
55 #if __GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 1)
56 # define HAVE___LIBC_STACK_END 1
57 #else
58 # define HAVE___LIBC_STACK_END 0
59 #endif
61 #if HAVE___LIBC_STACK_END
63 #endif
65 #ifdef ANDROID
66 # include <algorithm>
67 # include <unistd.h>
68 # include <pthread.h>
69 #endif
75 #ifdef __arm__
76 // On 32-bit ARM, mask off the thumb bit to get the instruction address.
78 #else
80 #endif
81 }
83 // Skip frames until we encounter the one we were initialized with,
84 // and then never skip again.
89 }
91 }
93 }
98 };
100 #ifdef XP_WIN
102 # include <windows.h>
103 # include <process.h>
104 # include <stdio.h>
105 # include <malloc.h>
111 # include <imagehlp.h>
112 // We need a way to know if we are building for WXP (or later), as if we are, we
113 // need to use the newer 64-bit APIs. API_VERSION_NUMBER seems to fit the bill.
114 // A value of 9 indicates we want to use the new APIs.
115 # if API_VERSION_NUMBER < 9
116 # error Too old imagehlp.h
117 # endif
119 // DbgHelp functions are not thread-safe and should therefore be protected by
120 // using this critical section. Only use the critical section after a
121 // successful call to InitializeDbgHelp().
122 CRITICAL_SECTION gDbgHelpCS;
124 # if defined(_M_AMD64) || defined(_M_ARM64)
125 // Because various Win64 APIs acquire function-table locks, we need a way of
126 // preventing stack walking while those APIs are being called. Otherwise, the
127 // stack walker may suspend a thread holding such a lock, and deadlock when the
128 // stack unwind code attempts to wait for that lock.
129 //
130 // We're using an atomic counter rather than a critical section because we
131 // don't require mutual exclusion with the stack walker. If the stack walker
132 // determines that it's safe to start unwinding the suspended thread (i.e.
133 // there are no suppressions when the unwind begins), then it's safe to
134 // continue unwinding that thread even if other threads request suppressions
135 // in the meantime, because we can't deadlock with those other threads.
136 //
137 // XXX: This global variable is a larger-than-necessary hammer. A more scoped
138 // solution would be to maintain a counter per thread, but then it would be
139 // more difficult for WalkStackMain64 to read the suspended thread's counter.
146 // We should never desuppress from 0. See bug 1687510 comment 10 for an
147 // example in which this occured.
149 }
151 MFBT_API
154 MFBT_API
157 }
165 // Currently we can only handle one JIT code region at a time
170 }
173 // Currently we can only handle one JIT code region at a time
179 }
183 // Routine to print an error message to standard error.
185 LPSTR lpMsgBuf;
188 FORMAT_MESSAGE_IGNORE_INSERTS,
196 }
199 BasicInit,
200 WithSymbolSupport,
201 };
203 // This function ensures that DbgHelp.dll is loaded in the current process,
204 // and initializes the gDbgHelpCS critical section that we use to protect calls
205 // to DbgHelp functions. If DbgHelpInitFlags::WithSymbolSupport is set, we
206 // additionally call the symbol initialization functions from DbgHelp so that
207 // symbol-related functions can be used.
208 //
209 // This function is thread-safe and reentrancy-safe. In debug and fuzzing
210 // builds, MOZ_ASSERT and MOZ_CRASH walk the stack to print it before actually
211 // crashing. Hence *any* MOZ_ASSERT or MOZ_CRASH failure reached from
212 // InitializeDbgHelp() leads to rentrancy (see bug 1869997 for an example).
213 // Such failures can occur indirectly when we load dbghelp.dll, because we
214 // override various Microsoft-internal functions that are called upon DLL
215 // loading.
218 // In the code below, it is only safe to reach MOZ_ASSERT or MOZ_CRASH while
219 // sInitializationThreadId is set to the current thread id.
223 // This code relies on Windows never giving us a current thread ID of zero.
224 // We make this assumption explicit, by failing if that should ever occur.
227 }
230 // This is a reentrant call and we must abort here.
232 }
243 }();
245 // If we don't need symbol initialization, we are done. If we need it, we
246 // can only proceed if DbgHelp initialization was successful.
249 }
257 /* XXX At some point we need to arrange to call SymCleanup */
262 }
267 }();
270 }
272 // Wrapper around a reference to a CONTEXT, to simplify access to main
273 // platform-specific execution registers.
274 // It also avoids using CONTEXT* nullable pointers.
282 # if defined(_M_AMD64)
284 # elif defined(_M_ARM64)
286 # elif defined(_M_IX86)
288 # else
290 # endif
291 }
294 # if defined(_M_AMD64)
296 # elif defined(_M_ARM64)
298 # elif defined(_M_IX86)
300 # else
302 # endif
303 }
306 # if defined(_M_AMD64)
308 # elif defined(_M_ARM64)
310 # elif defined(_M_IX86)
312 # else
314 # endif
315 }
319 };
321 /**
322 * Walk the stack, translating PC's found into strings and recording the
323 * chain in aBuffer. For this to work properly, the DLLs must be rebased
324 * so that the address in the file agrees with the address in memory.
325 * Otherwise StackWalk will return FALSE when it hits a frame in a DLL
326 * whose in memory address doesn't match its in-file address.
327 */
333 # if defined(_M_IX86)
336 }
337 # endif
348 }
350 // If not already provided, get a context for the specified thread.
351 CONTEXT context_buf;
359 }
360 }
363 # if defined(_M_IX86)
364 // Setup initial stack frame to walk from.
365 STACKFRAME64 frame64;
374 # endif
376 # if defined(_M_AMD64) || defined(_M_ARM64)
377 // If there are any active suppressions, then at least one thread (we don't
378 // know which) is holding a lock that can deadlock RtlVirtualUnwind. Since
379 // that thread may be the one that we're trying to unwind, we can't proceed.
380 //
381 // But if there are no suppressions, then our target thread can't be holding
382 // a lock, and it's safe to proceed. By virtue of being suspended, the target
383 // thread can't acquire any new locks during the unwind process, so we only
384 // need to do this check once. After that, sStackWalkSuppressions can be
385 // changed by other threads while we're unwinding, and that's fine because
386 // we can't deadlock with those threads.
389 }
392 # endif
398 // Now walk the stack.
400 DWORD64 addr;
401 DWORD64 spaddr;
403 # if defined(_M_IX86)
404 // 32-bit frame unwinding.
405 // Debug routines are not threadsafe, so grab the lock.
407 BOOL ok =
423 }
424 }
428 }
430 # elif defined(_M_AMD64) || defined(_M_ARM64)
434 // If we reach a frame in JIT code, we don't have enough information to
435 // unwind, so we have to give up.
439 }
441 // We must also avoid msmpeg2vdec.dll's JIT region: they don't generate
442 // unwind data, so their JIT unwind callback just throws up its hands and
443 // terminates the process.
449 }
451 // 64-bit frame unwinding.
452 // Try to look up unwind metadata for the current function.
453 ULONG64 imageBase;
454 PRUNTIME_FUNCTION runtimeFunction =
458 PVOID dummyHandlerData;
459 ULONG64 dummyEstablisherFrame;
464 // Leaf functions can be unwound by hand.
468 // Something went wrong.
470 }
475 # else
477 # endif
481 }
485 }
491 }
493 # if defined(_M_IX86)
496 }
497 # endif
498 }
499 }
504 // We don't pass a aFirstFramePC because we walk the stack for another
505 // thread.
507 aContext);
508 }
515 }
522 /*
523 * You'll want to control this if we are running on an
524 * architecture where the addresses go the other direction.
525 * Not sure this is even a realistic consideration.
526 */
529 /*
530 * If it falls in side the known range, load the symbols.
531 */
539 }
540 }
543 }
545 /*
546 * SymGetModuleInfoEspecial
547 *
548 * Attempt to determine the module information.
549 * Bug 112196 says this DLL may not have been loaded at the time
550 * SymInitialize was called, and thus the module information
551 * and symbol information is not available.
552 * This code rectifies that problem.
553 */
555 // New members were added to IMAGEHLP_MODULE64 (that show up in the
556 // Platform SDK that ships with VC8, but not the Platform SDK that ships
557 // with VC7.1, i.e., between DbgHelp 6.0 and 6.1), but we don't need to
558 // use them, and it's useful to be able to function correctly with the
559 // older library. (Stock Windows XP SP2 seems to ship with dbghelp.dll
560 // version 5.1.) Since Platform SDK version need not correspond to
561 // compiler version, and the version number in debughlp.h was NOT bumped
562 // when these changes were made, ifdef based on a constant that was
563 // added between these versions.
564 # ifdef SSRVOPT_SETCONTEXT
565 # define NS_IMAGEHLP_MODULE64_SIZE \
566 (((offsetof(IMAGEHLP_MODULE64, LoadedPdbName) + sizeof(DWORD64) - 1) / \
567 sizeof(DWORD64)) * \
568 sizeof(DWORD64))
569 # else
570 # define NS_IMAGEHLP_MODULE64_SIZE sizeof(IMAGEHLP_MODULE64)
571 # endif
574 PIMAGEHLP_MODULE64 aModuleInfo,
575 PIMAGEHLP_LINE64 aLineInfo) {
578 /*
579 * Init the vars if we have em.
580 */
584 }
586 /*
587 * Give it a go.
588 * It may already be loaded.
589 */
592 /*
593 * Not loaded, here's the magic.
594 * Go through all the modules.
595 */
596 // Need to cast to PENUMLOADED_MODULES_CALLBACK64 because the
597 // constness of the first parameter of
598 // PENUMLOADED_MODULES_CALLBACK64 varies over SDK versions (from
599 // non-const to const over time). See bug 391848 and bug
600 // 415426.
605 /*
606 * One final go.
607 * If it fails, then well, we have other problems.
608 */
610 }
611 }
613 /*
614 * If we got module info, we may attempt line info as well.
615 * We will not report failure if this does not work.
616 */
622 // Clear out aLineInfo to indicate that it's not valid
624 }
625 }
628 }
641 }
644 BOOL ok;
646 // debug routines are not threadsafe, so grab the lock.
649 //
650 // Attempt to load module info before we attempt to resolve the symbol.
651 // This just makes sure we get good info if available.
652 //
655 IMAGEHLP_MODULE64 modInfo;
656 IMAGEHLP_LINE64 lineInfo;
657 BOOL modInfoRes;
671 }
672 }
681 DWORD64 displacement;
688 }
692 }
694 // i386 or PPC Linux stackwalking code
695 //
696 // Changes to to OS/Architecture support here should be reflected in
697 // build/moz.configure/memory.configure
698 #elif HAVE_DLADDR && \
699 (HAVE__UNWIND_BACKTRACE || MOZ_STACKWALK_SUPPORTS_LINUX || \
700 MOZ_STACKWALK_SUPPORTS_MACOSX)
702 # include <stdlib.h>
703 # include <stdio.h>
705 // On glibc 2.1, the Dl_info api defined in <dlfcn.h> is only exposed
706 // if __USE_GNU is defined. I suppose its some kind of standards
707 // adherence thing.
708 //
709 # if (__GLIBC_MINOR__ >= 1) && !defined(__USE_GNU)
710 # define __USE_GNU
711 # endif
713 // This thing is exported by libstdc++
714 // Yes, this is a gcc only hack
715 # if defined(MOZ_DEMANGLE_SYMBOLS)
716 # include <cxxabi.h>
724 # if defined(MOZ_DEMANGLE_SYMBOLS)
725 /* See demangle.h in the gcc source for the voodoo */
732 }
734 }
738 // {x86, ppc} x {Linux, Mac} stackwalking code.
739 //
740 // Changes to to OS/Architecture support here should be reflected in
741 // build/moz.configure/memory.configure
742 # if ((defined(__i386) || defined(PPC) || defined(__ppc__)) && \
743 (MOZ_STACKWALK_SUPPORTS_MACOSX || MOZ_STACKWALK_SUPPORTS_LINUX))
753 // Get the frame pointer
757 # if HAVE___LIBC_STACK_END
759 # elif defined(XP_DARWIN)
761 # elif defined(ANDROID)
762 pthread_attr_t sattr;
768 // bionic's pthread_attr_getstack doesn't tell the truth for the main
769 // thread (see bug 846670). So don't use it for the main thread.
774 }
775 }
777 // So consider the current frame pointer + an arbitrary size of 8MB
778 // (modulo overflow ; not really arbitrary as it's the default stack
779 // size for the main thread) if pthread_attr_getstack failed for
780 // some reason (or was skipped).
785 }
786 # else
787 # error Unsupported configuration
788 # endif
790 stackEnd);
791 }
793 # elif defined(HAVE__UNWIND_BACKTRACE)
795 // libgcc_s.so symbols _Unwind_Backtrace@@GCC_3.3 and _Unwind_GetIP@@GCC_3.0
796 # include <unwind.h>
799 MozWalkStackCallback callback;
800 FrameSkipper skipper;
804 };
810 // TODO Use something like '_Unwind_GetGR()' to get the stack pointer.
815 // Again, any error code that stops the walk will do.
817 }
818 }
820 }
825 unwind_info info;
832 // We ignore the return value from _Unwind_Backtrace. There are three main
833 // reasons for this.
834 // - On ARM/Android bionic's _Unwind_Backtrace usually (always?) returns
835 // _URC_FAILURE. See
836 // https://bugzilla.mozilla.org/show_bug.cgi?id=717853#c110.
837 // - If aMaxFrames != 0, we want to stop early, and the only way to do that
838 // is to make unwind_callback return something other than _URC_NO_REASON,
839 // which causes _Unwind_Backtrace to return a non-success code.
840 // - MozStackWalk doesn't have a return value anyway.
842 }
844 # endif
855 Dl_info info;
857 # if defined(ANDROID) && defined(MOZ_LINKER)
859 # else
861 # endif
865 }
871 # if !defined(XP_FREEBSD)
872 // On FreeBSD, dli_sname is unusably bad, it often returns things like
873 // 'gtk_xtbin_new' or 'XRE_GetBootstrap' instead of long C++ symbols. Just let
874 // GetFunction do the lookup directly in the ELF image.
879 }
884 // Just use the mangled symbol if demangling failed.
887 }
890 # endif
893 }
910 }
912 #endif
914 #if defined(XP_WIN) || defined(XP_MACOSX) || defined(XP_LINUX)
916 # if defined(XP_MACOSX) && defined(__aarch64__)
917 // On macOS arm64, system libraries are arm64e binaries, and arm64e can do
918 // pointer authentication: The low bits of the pointer are the actual pointer
919 // value, and the high bits are an encrypted hash. During stackwalking, we need
920 // to strip off this hash. In theory, ptrauth_strip would be the right function
921 // to call for this. However, that function is a no-op unless it's called from
922 // code which also builds as arm64e - which we do not. So we cannot use it. So
923 // for now, we hardcode a mask that seems to work today: 40 bits for the pointer
924 // and 24 bits for the hash seems to do the trick. We can worry about
925 // dynamically computing the correct mask if this ever stops working.
928 # else
930 # endif
932 MOZ_ASAN_IGNORE
937 // Stack walking code courtesy Kipp's "leaky".
942 // Sanitize the given aBp. Assume that something reasonably close to
943 // but before the stack end is going be a valid frame pointer. Also
944 // check that it is an aligned address. This increases the chances
945 // that if the pointer is not valid (which might happen if the caller
946 // called __builtin_frame_address(1) and its frame is busted for some
947 // reason), we won't read it, leading to a crash. Because the calling
948 // code is not using frame pointers when returning, it might actually
949 // recover just fine.
955 }
959 // aBp may not be a frame pointer on i386 if code was compiled with
960 // -fomit-frame-pointer, so do some sanity checks.
961 // (aBp should be a frame pointer on ppc(64) but checking anyway may help
962 // a little if the stack has been corrupted.)
963 // We don't need to check against the begining of the stack because
964 // we can assume that aBp > sp
967 }
968 # if (defined(__ppc__) && defined(XP_MACOSX)) || defined(__powerpc64__)
969 // ppc mac or powerpc64 linux
975 # endif
977 // Strip off pointer authentication hash, if present. For now, it looks
978 // like only return addresses require stripping, and stack pointers do
979 // not. This might change in the future.
983 // Assume that the SP points to the BP of the function
984 // it called. We can't know the exact location of the SP
985 // but this should be sufficient for our use the SP
986 // to order elements on the stack.
987 numFrames++;
991 }
992 }
994 }
995 }
1002 // We don't pass a aFirstFramePC because we start walking the stack from the
1003 // frame at aBp.
1005 aStackEnd);
1006 }
1010 #else
1018 #endif
1027 }
1036 // We have a filename and (presumably) a line number. Use them.
1040 // We have no filename, but we do have a library name. Use it and the
1041 // library offset, and print them in a way that `fix_stacks.py` can
1042 // post-process.
1047 // We have nothing useful to go on. (The format string is split because
1048 // '??)' is a trigraph and causes a warning, sigh.)
1050 "#%02u: ??? (???:???"
1052 aFrameNumber);
1053 }
1054 }
1057 #ifdef XP_WIN
1059 #else
1061 #endif
1063 #ifdef XP_WIN
1065 #else
1067 #endif
1070 }
1073 }
1074 }
1079 MozCodeAddressDetails details;
1087 }
1096 }
1102 }();
1104 }
1111 }
1112 }
1120 }
1128 }
1129 }