| blob | 18fd3464b0195e6c4c9e1c181ac6cc51e7945cd4 |
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 /* API for getting a stack trace of the C/C++ stack on the current thread */
13 #ifdef XP_WIN
15 # include <io.h>
16 #else
17 # include <unistd.h>
18 #endif
21 #include <string.h>
23 #if defined(ANDROID) && defined(MOZ_LINKER)
25 # include <android/log.h>
26 #endif
30 // for _Unwind_Backtrace from libcxxrt or libunwind
31 // cxxabi.h from libcxxrt implicitly includes unwind.h first
32 #if defined(HAVE__UNWIND_BACKTRACE) && !defined(_GNU_SOURCE)
33 # define _GNU_SOURCE
34 #endif
36 #if defined(HAVE_DLFCN_H) || defined(XP_DARWIN)
37 # include <dlfcn.h>
38 #endif
40 #if (defined(XP_DARWIN) && \
41 (defined(__i386) || defined(__ppc__) || defined(HAVE__UNWIND_BACKTRACE)))
42 # define MOZ_STACKWALK_SUPPORTS_MACOSX 1
43 #else
44 # define MOZ_STACKWALK_SUPPORTS_MACOSX 0
45 #endif
47 #if __GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 1)
48 # define HAVE___LIBC_STACK_END 1
49 #else
50 # define HAVE___LIBC_STACK_END 0
51 #endif
53 #if (defined(linux) && \
54 ((defined(__GNUC__) && (defined(__i386) || defined(PPC))) || \
55 defined(HAVE__UNWIND_BACKTRACE)) && \
56 (HAVE___LIBC_STACK_END || ANDROID))
57 # define MOZ_STACKWALK_SUPPORTS_LINUX 1
58 #else
59 # define MOZ_STACKWALK_SUPPORTS_LINUX 0
60 #endif
62 #if HAVE___LIBC_STACK_END
64 #endif
66 #ifdef ANDROID
67 # include <algorithm>
68 # include <unistd.h>
69 # include <pthread.h>
70 #endif
76 #ifdef __arm__
77 // On 32-bit ARM, mask off the thumb bit to get the instruction address.
79 #else
81 #endif
82 }
84 // Skip frames until we encounter the one we were initialized with,
85 // and then never skip again.
90 }
92 }
94 }
99 };
101 #ifdef XP_WIN
103 # include <windows.h>
104 # include <process.h>
105 # include <stdio.h>
106 # include <malloc.h>
112 # include <imagehlp.h>
113 // We need a way to know if we are building for WXP (or later), as if we are, we
114 // need to use the newer 64-bit APIs. API_VERSION_NUMBER seems to fit the bill.
115 // A value of 9 indicates we want to use the new APIs.
116 # if API_VERSION_NUMBER < 9
117 # error Too old imagehlp.h
118 # endif
120 // DbgHelp functions are not thread-safe and should therefore be protected by
121 // using this critical section. Only use the critical section after a
122 // successful call to InitializeDbgHelp().
123 CRITICAL_SECTION gDbgHelpCS;
125 # if defined(_M_AMD64) || defined(_M_ARM64)
126 // Because various Win64 APIs acquire function-table locks, we need a way of
127 // preventing stack walking while those APIs are being called. Otherwise, the
128 // stack walker may suspend a thread holding such a lock, and deadlock when the
129 // stack unwind code attempts to wait for that lock.
130 //
131 // We're using an atomic counter rather than a critical section because we
132 // don't require mutual exclusion with the stack walker. If the stack walker
133 // determines that it's safe to start unwinding the suspended thread (i.e.
134 // there are no suppressions when the unwind begins), then it's safe to
135 // continue unwinding that thread even if other threads request suppressions
136 // in the meantime, because we can't deadlock with those other threads.
137 //
138 // XXX: This global variable is a larger-than-necessary hammer. A more scoped
139 // solution would be to maintain a counter per thread, but then it would be
140 // more difficult for WalkStackMain64 to read the suspended thread's counter.
147 // We should never desuppress from 0. See bug 1687510 comment 10 for an
148 // example in which this occured.
150 }
152 MFBT_API
155 MFBT_API
158 }
166 // Currently we can only handle one JIT code region at a time
171 }
174 // Currently we can only handle one JIT code region at a time
180 }
184 // Routine to print an error message to standard error.
186 LPSTR lpMsgBuf;
189 FORMAT_MESSAGE_IGNORE_INSERTS,
197 }
200 BasicInit,
201 WithSymbolSupport,
202 };
204 // This function ensures that DbgHelp.dll is loaded in the current process,
205 // and initializes the gDbgHelpCS critical section that we use to protect calls
206 // to DbgHelp functions. If DbgHelpInitFlags::WithSymbolSupport is set, we
207 // additionally call the symbol initialization functions from DbgHelp so that
208 // symbol-related functions can be used.
209 //
210 // This function is thread-safe and reentrancy-safe. In debug and fuzzing
211 // builds, MOZ_ASSERT and MOZ_CRASH walk the stack to print it before actually
212 // crashing. Hence *any* MOZ_ASSERT or MOZ_CRASH failure reached from
213 // InitializeDbgHelp() leads to rentrancy (see bug 1869997 for an example).
214 // Such failures can occur indirectly when we load dbghelp.dll, because we
215 // override various Microsoft-internal functions that are called upon DLL
216 // loading.
219 // In the code below, it is only safe to reach MOZ_ASSERT or MOZ_CRASH while
220 // sInitializationThreadId is set to the current thread id.
224 // This code relies on Windows never giving us a current thread ID of zero.
225 // We make this assumption explicit, by failing if that should ever occur.
228 }
231 // This is a reentrant call and we must abort here.
233 }
244 }();
246 // If we don't need symbol initialization, we are done. If we need it, we
247 // can only proceed if DbgHelp initialization was successful.
250 }
258 /* XXX At some point we need to arrange to call SymCleanup */
263 }
268 }();
271 }
273 // Wrapper around a reference to a CONTEXT, to simplify access to main
274 // platform-specific execution registers.
275 // It also avoids using CONTEXT* nullable pointers.
283 # if defined(_M_AMD64)
285 # elif defined(_M_ARM64)
287 # elif defined(_M_IX86)
289 # else
291 # endif
292 }
295 # if defined(_M_AMD64)
297 # elif defined(_M_ARM64)
299 # elif defined(_M_IX86)
301 # else
303 # endif
304 }
307 # if defined(_M_AMD64)
309 # elif defined(_M_ARM64)
311 # elif defined(_M_IX86)
313 # else
315 # endif
316 }
320 };
322 /**
323 * Walk the stack, translating PC's found into strings and recording the
324 * chain in aBuffer. For this to work properly, the DLLs must be rebased
325 * so that the address in the file agrees with the address in memory.
326 * Otherwise StackWalk will return FALSE when it hits a frame in a DLL
327 * whose in memory address doesn't match its in-file address.
328 */
334 # if defined(_M_IX86)
337 }
338 # endif
349 }
351 // If not already provided, get a context for the specified thread.
352 CONTEXT context_buf;
360 }
361 }
364 # if defined(_M_IX86)
365 // Setup initial stack frame to walk from.
366 STACKFRAME64 frame64;
375 # endif
377 # if defined(_M_AMD64) || defined(_M_ARM64)
378 // If there are any active suppressions, then at least one thread (we don't
379 // know which) is holding a lock that can deadlock RtlVirtualUnwind. Since
380 // that thread may be the one that we're trying to unwind, we can't proceed.
381 //
382 // But if there are no suppressions, then our target thread can't be holding
383 // a lock, and it's safe to proceed. By virtue of being suspended, the target
384 // thread can't acquire any new locks during the unwind process, so we only
385 // need to do this check once. After that, sStackWalkSuppressions can be
386 // changed by other threads while we're unwinding, and that's fine because
387 // we can't deadlock with those threads.
390 }
393 # endif
399 // Now walk the stack.
401 DWORD64 addr;
402 DWORD64 spaddr;
404 # if defined(_M_IX86)
405 // 32-bit frame unwinding.
406 // Debug routines are not threadsafe, so grab the lock.
408 BOOL ok =
424 }
425 }
429 }
431 # elif defined(_M_AMD64) || defined(_M_ARM64)
435 // If we reach a frame in JIT code, we don't have enough information to
436 // unwind, so we have to give up.
440 }
442 // We must also avoid msmpeg2vdec.dll's JIT region: they don't generate
443 // unwind data, so their JIT unwind callback just throws up its hands and
444 // terminates the process.
450 }
452 // 64-bit frame unwinding.
453 // Try to look up unwind metadata for the current function.
454 ULONG64 imageBase;
455 PRUNTIME_FUNCTION runtimeFunction =
459 PVOID dummyHandlerData;
460 ULONG64 dummyEstablisherFrame;
465 // Leaf functions can be unwound by hand.
469 // Something went wrong.
471 }
476 # else
478 # endif
482 }
486 }
492 }
494 # if defined(_M_IX86)
497 }
498 # endif
499 }
500 }
505 // We don't pass a aFirstFramePC because we walk the stack for another
506 // thread.
508 aContext);
509 }
516 }
523 /*
524 * You'll want to control this if we are running on an
525 * architecture where the addresses go the other direction.
526 * Not sure this is even a realistic consideration.
527 */
530 /*
531 * If it falls in side the known range, load the symbols.
532 */
540 }
541 }
544 }
546 /*
547 * SymGetModuleInfoEspecial
548 *
549 * Attempt to determine the module information.
550 * Bug 112196 says this DLL may not have been loaded at the time
551 * SymInitialize was called, and thus the module information
552 * and symbol information is not available.
553 * This code rectifies that problem.
554 */
556 // New members were added to IMAGEHLP_MODULE64 (that show up in the
557 // Platform SDK that ships with VC8, but not the Platform SDK that ships
558 // with VC7.1, i.e., between DbgHelp 6.0 and 6.1), but we don't need to
559 // use them, and it's useful to be able to function correctly with the
560 // older library. (Stock Windows XP SP2 seems to ship with dbghelp.dll
561 // version 5.1.) Since Platform SDK version need not correspond to
562 // compiler version, and the version number in debughlp.h was NOT bumped
563 // when these changes were made, ifdef based on a constant that was
564 // added between these versions.
565 # ifdef SSRVOPT_SETCONTEXT
566 # define NS_IMAGEHLP_MODULE64_SIZE \
567 (((offsetof(IMAGEHLP_MODULE64, LoadedPdbName) + sizeof(DWORD64) - 1) / \
568 sizeof(DWORD64)) * \
569 sizeof(DWORD64))
570 # else
571 # define NS_IMAGEHLP_MODULE64_SIZE sizeof(IMAGEHLP_MODULE64)
572 # endif
575 PIMAGEHLP_MODULE64 aModuleInfo,
576 PIMAGEHLP_LINE64 aLineInfo) {
579 /*
580 * Init the vars if we have em.
581 */
585 }
587 /*
588 * Give it a go.
589 * It may already be loaded.
590 */
593 /*
594 * Not loaded, here's the magic.
595 * Go through all the modules.
596 */
597 // Need to cast to PENUMLOADED_MODULES_CALLBACK64 because the
598 // constness of the first parameter of
599 // PENUMLOADED_MODULES_CALLBACK64 varies over SDK versions (from
600 // non-const to const over time). See bug 391848 and bug
601 // 415426.
606 /*
607 * One final go.
608 * If it fails, then well, we have other problems.
609 */
611 }
612 }
614 /*
615 * If we got module info, we may attempt line info as well.
616 * We will not report failure if this does not work.
617 */
623 // Clear out aLineInfo to indicate that it's not valid
625 }
626 }
629 }
642 }
645 BOOL ok;
647 // debug routines are not threadsafe, so grab the lock.
650 //
651 // Attempt to load module info before we attempt to resolve the symbol.
652 // This just makes sure we get good info if available.
653 //
656 IMAGEHLP_MODULE64 modInfo;
657 IMAGEHLP_LINE64 lineInfo;
658 BOOL modInfoRes;
672 }
673 }
682 DWORD64 displacement;
689 }
693 }
695 // i386 or PPC Linux stackwalking code
696 //
697 // Changes to to OS/Architecture support here should be reflected in
698 // build/moz.configure/memory.configure
699 #elif HAVE_DLADDR && \
700 (HAVE__UNWIND_BACKTRACE || MOZ_STACKWALK_SUPPORTS_LINUX || \
701 MOZ_STACKWALK_SUPPORTS_MACOSX)
703 # include <stdlib.h>
704 # include <stdio.h>
706 // On glibc 2.1, the Dl_info api defined in <dlfcn.h> is only exposed
707 // if __USE_GNU is defined. I suppose its some kind of standards
708 // adherence thing.
709 //
710 # if (__GLIBC_MINOR__ >= 1) && !defined(__USE_GNU)
711 # define __USE_GNU
712 # endif
714 // This thing is exported by libstdc++
715 // Yes, this is a gcc only hack
716 # if defined(MOZ_DEMANGLE_SYMBOLS)
717 # include <cxxabi.h>
725 # if defined(MOZ_DEMANGLE_SYMBOLS)
726 /* See demangle.h in the gcc source for the voodoo */
733 }
735 }
739 // {x86, ppc} x {Linux, Mac} stackwalking code.
740 //
741 // Changes to to OS/Architecture support here should be reflected in
742 // build/moz.configure/memory.configure
743 # if ((defined(__i386) || defined(PPC) || defined(__ppc__)) && \
744 (MOZ_STACKWALK_SUPPORTS_MACOSX || MOZ_STACKWALK_SUPPORTS_LINUX))
754 // Get the frame pointer
758 # if HAVE___LIBC_STACK_END
760 # elif defined(XP_DARWIN)
762 # elif defined(ANDROID)
763 pthread_attr_t sattr;
769 // bionic's pthread_attr_getstack doesn't tell the truth for the main
770 // thread (see bug 846670). So don't use it for the main thread.
775 }
776 }
778 // So consider the current frame pointer + an arbitrary size of 8MB
779 // (modulo overflow ; not really arbitrary as it's the default stack
780 // size for the main thread) if pthread_attr_getstack failed for
781 // some reason (or was skipped).
786 }
787 # else
788 # error Unsupported configuration
789 # endif
791 stackEnd);
792 }
794 # elif defined(HAVE__UNWIND_BACKTRACE)
796 // libgcc_s.so symbols _Unwind_Backtrace@@GCC_3.3 and _Unwind_GetIP@@GCC_3.0
797 # include <unwind.h>
800 MozWalkStackCallback callback;
801 FrameSkipper skipper;
805 };
811 // TODO Use something like '_Unwind_GetGR()' to get the stack pointer.
816 // Again, any error code that stops the walk will do.
818 }
819 }
821 }
826 unwind_info info;
833 // We ignore the return value from _Unwind_Backtrace. There are three main
834 // reasons for this.
835 // - On ARM/Android bionic's _Unwind_Backtrace usually (always?) returns
836 // _URC_FAILURE. See
837 // https://bugzilla.mozilla.org/show_bug.cgi?id=717853#c110.
838 // - If aMaxFrames != 0, we want to stop early, and the only way to do that
839 // is to make unwind_callback return something other than _URC_NO_REASON,
840 // which causes _Unwind_Backtrace to return a non-success code.
841 // - MozStackWalk doesn't have a return value anyway.
843 }
845 # endif
856 Dl_info info;
858 # if defined(ANDROID) && defined(MOZ_LINKER)
860 # else
862 # endif
866 }
872 # if !defined(XP_FREEBSD)
873 // On FreeBSD, dli_sname is unusably bad, it often returns things like
874 // 'gtk_xtbin_new' or 'XRE_GetBootstrap' instead of long C++ symbols. Just let
875 // GetFunction do the lookup directly in the ELF image.
880 }
885 // Just use the mangled symbol if demangling failed.
888 }
891 # endif
894 }
911 }
913 #endif
915 #if defined(XP_WIN) || defined(XP_MACOSX) || defined(XP_LINUX)
917 # if defined(XP_MACOSX) && defined(__aarch64__)
918 // On macOS arm64, system libraries are arm64e binaries, and arm64e can do
919 // pointer authentication: The low bits of the pointer are the actual pointer
920 // value, and the high bits are an encrypted hash. During stackwalking, we need
921 // to strip off this hash. In theory, ptrauth_strip would be the right function
922 // to call for this. However, that function is a no-op unless it's called from
923 // code which also builds as arm64e - which we do not. So we cannot use it. So
924 // for now, we hardcode a mask that seems to work today: 40 bits for the pointer
925 // and 24 bits for the hash seems to do the trick. We can worry about
926 // dynamically computing the correct mask if this ever stops working.
929 # else
931 # endif
933 MOZ_ASAN_IGNORE
938 // Stack walking code courtesy Kipp's "leaky".
943 // Sanitize the given aBp. Assume that something reasonably close to
944 // but before the stack end is going be a valid frame pointer. Also
945 // check that it is an aligned address. This increases the chances
946 // that if the pointer is not valid (which might happen if the caller
947 // called __builtin_frame_address(1) and its frame is busted for some
948 // reason), we won't read it, leading to a crash. Because the calling
949 // code is not using frame pointers when returning, it might actually
950 // recover just fine.
956 }
960 // aBp may not be a frame pointer on i386 if code was compiled with
961 // -fomit-frame-pointer, so do some sanity checks.
962 // (aBp should be a frame pointer on ppc(64) but checking anyway may help
963 // a little if the stack has been corrupted.)
964 // We don't need to check against the begining of the stack because
965 // we can assume that aBp > sp
968 }
969 # if (defined(__ppc__) && defined(XP_MACOSX)) || defined(__powerpc64__)
970 // ppc mac or powerpc64 linux
976 # endif
978 // Strip off pointer authentication hash, if present. For now, it looks
979 // like only return addresses require stripping, and stack pointers do
980 // not. This might change in the future.
984 // Assume that the SP points to the BP of the function
985 // it called. We can't know the exact location of the SP
986 // but this should be sufficient for our use the SP
987 // to order elements on the stack.
988 numFrames++;
992 }
993 }
995 }
996 }
1003 // We don't pass a aFirstFramePC because we start walking the stack from the
1004 // frame at aBp.
1006 aStackEnd);
1007 }
1011 #else
1019 #endif
1028 }
1037 // We have a filename and (presumably) a line number. Use them.
1041 // We have no filename, but we do have a library name. Use it and the
1042 // library offset, and print them in a way that `fix_stacks.py` can
1043 // post-process.
1048 // We have nothing useful to go on. (The format string is split because
1049 // '??)' is a trigraph and causes a warning, sigh.)
1051 "#%02u: ??? (???:???"
1053 aFrameNumber);
1054 }
1055 }
1058 #ifdef XP_WIN
1060 #else
1062 #endif
1064 #ifdef XP_WIN
1066 #else
1068 #endif
1071 }
1074 }
1075 }
1080 MozCodeAddressDetails details;
1088 }
1097 }
1103 }();
1105 }
1112 }
1113 }
1121 }
1129 }
1130 }