mirror of
https://github.com/chromium/crashpad.git
synced 2025-01-14 17:30:09 +08:00
371083179b
The memory region data saved in the intermediate dump is an address offset by 128 bytes. However, the MemorySnapshot generated was using the original address and not the offset address. The same data is being captured in the minidump. Change-Id: Ia34912c035319e79cf446a130e662084f4ab51ea Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/5529059 Commit-Queue: Justin Cohen <justincohen@chromium.org> Reviewed-by: Joshua Peraza <jperaza@chromium.org> Reviewed-by: Rohit Rao <rohitrao@chromium.org>
1262 lines
50 KiB
C++
1262 lines
50 KiB
C++
// Copyright 2021 The Crashpad Authors
|
||
//
|
||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||
// you may not use this file except in compliance with the License.
|
||
// You may obtain a copy of the License at
|
||
//
|
||
// http://www.apache.org/licenses/LICENSE-2.0
|
||
//
|
||
// Unless required by applicable law or agreed to in writing, software
|
||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
// See the License for the specific language governing permissions and
|
||
// limitations under the License.
|
||
|
||
#include "client/ios_handler/in_process_intermediate_dump_handler.h"
|
||
|
||
#include <mach-o/dyld_images.h>
|
||
#include <mach-o/nlist.h>
|
||
#include <stdint.h>
|
||
#include <string.h>
|
||
#include <sys/sysctl.h>
|
||
#include <time.h>
|
||
|
||
#include <iterator>
|
||
#include <optional>
|
||
|
||
#include "base/check_op.h"
|
||
#include "build/build_config.h"
|
||
#include "snapshot/snapshot_constants.h"
|
||
#include "util/ios/ios_intermediate_dump_writer.h"
|
||
#include "util/ios/raw_logging.h"
|
||
#include "util/ios/scoped_vm_map.h"
|
||
#include "util/ios/scoped_vm_read.h"
|
||
#include "util/synchronization/scoped_spin_guard.h"
|
||
|
||
namespace crashpad {
|
||
namespace internal {
|
||
|
||
namespace {
|
||
|
||
#if defined(ARCH_CPU_X86_64)
|
||
const thread_state_flavor_t kThreadStateFlavor = x86_THREAD_STATE64;
|
||
const thread_state_flavor_t kFloatStateFlavor = x86_FLOAT_STATE64;
|
||
const thread_state_flavor_t kDebugStateFlavor = x86_DEBUG_STATE64;
|
||
using thread_state_type = x86_thread_state64_t;
|
||
#elif defined(ARCH_CPU_ARM64)
|
||
const thread_state_flavor_t kThreadStateFlavor = ARM_THREAD_STATE64;
|
||
const thread_state_flavor_t kFloatStateFlavor = ARM_NEON_STATE64;
|
||
const thread_state_flavor_t kDebugStateFlavor = ARM_DEBUG_STATE64;
|
||
using thread_state_type = arm_thread_state64_t;
|
||
#endif
|
||
|
||
// From snapshot/mac/process_types/crashreporterclient.proctype
|
||
struct crashreporter_annotations_t {
|
||
uint64_t version;
|
||
uint64_t message;
|
||
uint64_t signature_string;
|
||
uint64_t backtrace;
|
||
uint64_t message2;
|
||
uint64_t thread;
|
||
uint64_t dialog_mode;
|
||
uint64_t abort_cause;
|
||
};
|
||
|
||
//! \brief Manage memory and ports after calling `task_threads`.
|
||
class ScopedTaskThreads {
|
||
public:
|
||
explicit ScopedTaskThreads(thread_act_array_t threads,
|
||
mach_msg_type_number_t thread_count)
|
||
: threads_(threads), thread_count_(thread_count) {}
|
||
|
||
ScopedTaskThreads(const ScopedTaskThreads&) = delete;
|
||
ScopedTaskThreads& operator=(const ScopedTaskThreads&) = delete;
|
||
|
||
~ScopedTaskThreads() {
|
||
for (uint32_t thread_index = 0; thread_index < thread_count_;
|
||
++thread_index) {
|
||
mach_port_deallocate(mach_task_self(), threads_[thread_index]);
|
||
}
|
||
vm_deallocate(mach_task_self(),
|
||
reinterpret_cast<vm_address_t>(threads_),
|
||
sizeof(thread_t) * thread_count_);
|
||
}
|
||
|
||
private:
|
||
thread_act_array_t threads_;
|
||
mach_msg_type_number_t thread_count_;
|
||
};
|
||
|
||
//! \brief Log \a key as a string.
|
||
void WriteError(IntermediateDumpKey key) {
|
||
CRASHPAD_RAW_LOG("Unable to write key");
|
||
switch (key) {
|
||
// clang-format off
|
||
#define CASE_KEY(Name, Value) \
|
||
case IntermediateDumpKey::Name: \
|
||
CRASHPAD_RAW_LOG(#Name); \
|
||
break;
|
||
INTERMEDIATE_DUMP_KEYS(CASE_KEY)
|
||
#undef CASE_KEY
|
||
// clang-format on
|
||
}
|
||
}
|
||
|
||
//! \brief Call AddProperty with raw error log.
|
||
//!
|
||
//! \param[in] writer The dump writer
|
||
//! \param[in] key The key to write.
|
||
//! \param[in] value Memory to be written.
|
||
//! \param[in] count Length of \a value.
|
||
template <typename T>
|
||
void WriteProperty(IOSIntermediateDumpWriter* writer,
|
||
IntermediateDumpKey key,
|
||
const T* value,
|
||
size_t count = 1) {
|
||
if (!writer->AddProperty(key, value, count))
|
||
WriteError(key);
|
||
}
|
||
|
||
//! \brief Call AddPropertyBytes with raw error log.
|
||
//!
|
||
//! \param[in] writer The dump writer
|
||
//! \param[in] key The key to write.
|
||
//! \param[in] value Memory to be written.
|
||
//! \param[in] value_length Length of \a data.
|
||
void WritePropertyBytes(IOSIntermediateDumpWriter* writer,
|
||
IntermediateDumpKey key,
|
||
const void* value,
|
||
size_t value_length) {
|
||
if (!writer->AddPropertyBytes(key, value, value_length))
|
||
WriteError(key);
|
||
}
|
||
|
||
//! \brief Call AddPropertyCString with raw error log.
|
||
//!
|
||
//! \param[in] writer The dump writer
|
||
//! \param[in] key The key to write.
|
||
//! \param[in] max_length The maximum string length.
|
||
//! \param[in] value Memory to be written.
|
||
void WritePropertyCString(IOSIntermediateDumpWriter* writer,
|
||
IntermediateDumpKey key,
|
||
size_t max_length,
|
||
const char* value) {
|
||
if (!writer->AddPropertyCString(key, max_length, value))
|
||
WriteError(key);
|
||
}
|
||
|
||
kern_return_t MachVMRegionRecurseDeepest(task_t task,
|
||
vm_address_t* address,
|
||
vm_size_t* size,
|
||
natural_t* depth,
|
||
vm_prot_t* protection,
|
||
unsigned int* user_tag) {
|
||
vm_region_submap_short_info_64 submap_info;
|
||
mach_msg_type_number_t count = VM_REGION_SUBMAP_SHORT_INFO_COUNT_64;
|
||
while (true) {
|
||
// Note: vm_region_recurse() would be fine here, but it does not provide
|
||
// VM_REGION_SUBMAP_SHORT_INFO_COUNT.
|
||
kern_return_t kr = vm_region_recurse_64(
|
||
task,
|
||
address,
|
||
size,
|
||
depth,
|
||
reinterpret_cast<vm_region_recurse_info_t>(&submap_info),
|
||
&count);
|
||
if (kr != KERN_SUCCESS) {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "vm_region_recurse_64");
|
||
return kr;
|
||
}
|
||
|
||
if (!submap_info.is_submap) {
|
||
*protection = submap_info.protection;
|
||
*user_tag = submap_info.user_tag;
|
||
return KERN_SUCCESS;
|
||
}
|
||
|
||
++*depth;
|
||
}
|
||
}
|
||
|
||
//! \brief Adjusts the region for the red zone, if the ABI requires one.
|
||
//!
|
||
//! This method performs red zone calculation for CalculateStackRegion(). Its
|
||
//! parameters are local variables used within that method, and may be
|
||
//! modified as needed.
|
||
//!
|
||
//! Where a red zone is required, the region of memory captured for a thread’s
|
||
//! stack will be extended to include the red zone below the stack pointer,
|
||
//! provided that such memory is mapped, readable, and has the correct user
|
||
//! tag value. If these conditions cannot be met fully, as much of the red
|
||
//! zone will be captured as is possible while meeting these conditions.
|
||
//!
|
||
//! \param[in,out] start_address The base address of the region to begin
|
||
//! capturing stack memory from. On entry, \a start_address is the stack
|
||
//! pointer. On return, \a start_address may be decreased to encompass a
|
||
//! red zone.
|
||
//! \param[in,out] region_base The base address of the region that contains
|
||
//! stack memory. This is distinct from \a start_address in that \a
|
||
//! region_base will be page-aligned. On entry, \a region_base is the
|
||
//! base address of a region that contains \a start_address. On return,
|
||
//! if \a start_address is decremented and is outside of the region
|
||
//! originally described by \a region_base, \a region_base will also be
|
||
//! decremented appropriately.
|
||
//! \param[in,out] region_size The size of the region that contains stack
|
||
//! memory. This region begins at \a region_base. On return, if \a
|
||
//! region_base is decremented, \a region_size will be incremented
|
||
//! appropriately.
|
||
//! \param[in] user_tag The Mach VM system’s user tag for the region described
|
||
//! by the initial values of \a region_base and \a region_size. The red
|
||
//! zone will only be allowed to extend out of the region described by
|
||
//! these initial values if the user tag is appropriate for stack memory
|
||
//! and the expanded region has the same user tag value.
|
||
void LocateRedZone(vm_address_t* const start_address,
|
||
vm_address_t* const region_base,
|
||
vm_address_t* const region_size,
|
||
const unsigned int user_tag) {
|
||
// x86_64 has a red zone. See AMD64 ABI 0.99.8,
|
||
// https://gitlab.com/x86-psABIs/x86-64-ABI/-/wikis/uploads/01de35b2c8adc7545de52604cc45d942/x86-64-psABI-2021-05-20.pdf#page=23.
|
||
// section 3.2.2, “The Stack Frame”.
|
||
// So does ARM64,
|
||
// https://developer.apple.com/documentation/xcode/writing-arm64-code-for-apple-platforms#Respect-the-Stacks-Red-Zone
|
||
// section "Respect the Stack’s Red Zone".
|
||
constexpr vm_size_t kRedZoneSize = 128;
|
||
vm_address_t red_zone_base =
|
||
*start_address >= kRedZoneSize ? *start_address - kRedZoneSize : 0;
|
||
bool red_zone_ok = false;
|
||
if (red_zone_base >= *region_base) {
|
||
// The red zone is within the region already discovered.
|
||
red_zone_ok = true;
|
||
} else if (red_zone_base < *region_base && user_tag == VM_MEMORY_STACK) {
|
||
// Probe to see if there’s a region immediately below the one already
|
||
// discovered.
|
||
vm_address_t red_zone_region_base = red_zone_base;
|
||
vm_size_t red_zone_region_size;
|
||
natural_t red_zone_depth = 0;
|
||
vm_prot_t red_zone_protection;
|
||
unsigned int red_zone_user_tag;
|
||
kern_return_t kr = MachVMRegionRecurseDeepest(mach_task_self(),
|
||
&red_zone_region_base,
|
||
&red_zone_region_size,
|
||
&red_zone_depth,
|
||
&red_zone_protection,
|
||
&red_zone_user_tag);
|
||
if (kr != KERN_SUCCESS) {
|
||
*start_address = *region_base;
|
||
} else if (red_zone_region_base + red_zone_region_size == *region_base &&
|
||
(red_zone_protection & VM_PROT_READ) != 0 &&
|
||
red_zone_user_tag == user_tag) {
|
||
// The region containing the red zone is immediately below the region
|
||
// already found, it’s readable (not the guard region), and it has the
|
||
// same user tag as the region already found, so merge them.
|
||
red_zone_ok = true;
|
||
*region_base -= red_zone_region_size;
|
||
*region_size += red_zone_region_size;
|
||
}
|
||
}
|
||
|
||
if (red_zone_ok) {
|
||
// Begin capturing from the base of the red zone (but not the entire
|
||
// region that encompasses the red zone).
|
||
*start_address = red_zone_base;
|
||
} else {
|
||
// The red zone would go lower into another region in memory, but no
|
||
// region was found. Memory can only be captured to an address as low as
|
||
// the base address of the region already found.
|
||
*start_address = *region_base;
|
||
}
|
||
}
|
||
|
||
//! \brief Calculates the base address and size of the region used as a
|
||
//! thread’s stack.
|
||
//!
|
||
//! The region returned by this method may be formed by merging multiple
|
||
//! adjacent regions in a process’ memory map if appropriate. The base address
|
||
//! of the returned region may be lower than the \a stack_pointer passed in
|
||
//! when the ABI mandates a red zone below the stack pointer.
|
||
//!
|
||
//! \param[in] stack_pointer The stack pointer, referring to the top (lowest
|
||
//! address) of a thread’s stack.
|
||
//! \param[out] stack_region_size The size of the memory region used as the
|
||
//! thread’s stack.
|
||
//!
|
||
//! \return The base address (lowest address) of the memory region used as the
|
||
//! thread’s stack.
|
||
vm_address_t CalculateStackRegion(vm_address_t stack_pointer,
|
||
vm_size_t* stack_region_size) {
|
||
// For pthreads, it may be possible to compute the stack region based on the
|
||
// internal _pthread::stackaddr and _pthread::stacksize. The _pthread struct
|
||
// for a thread can be located at TSD slot 0, or the known offsets of
|
||
// stackaddr and stacksize from the TSD area could be used.
|
||
vm_address_t region_base = stack_pointer;
|
||
vm_size_t region_size;
|
||
natural_t depth = 0;
|
||
vm_prot_t protection;
|
||
unsigned int user_tag;
|
||
kern_return_t kr = MachVMRegionRecurseDeepest(mach_task_self(),
|
||
®ion_base,
|
||
®ion_size,
|
||
&depth,
|
||
&protection,
|
||
&user_tag);
|
||
if (kr != KERN_SUCCESS) {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "MachVMRegionRecurseDeepest");
|
||
*stack_region_size = 0;
|
||
return 0;
|
||
}
|
||
|
||
if (region_base > stack_pointer) {
|
||
// There’s nothing mapped at the stack pointer’s address. Something may have
|
||
// trashed the stack pointer. Note that this shouldn’t happen for a normal
|
||
// stack guard region violation because the guard region is mapped but has
|
||
// VM_PROT_NONE protection.
|
||
*stack_region_size = 0;
|
||
return 0;
|
||
}
|
||
|
||
vm_address_t start_address = stack_pointer;
|
||
|
||
if ((protection & VM_PROT_READ) == 0) {
|
||
// If the region isn’t readable, the stack pointer probably points to the
|
||
// guard region. Don’t include it as part of the stack, and don’t include
|
||
// anything at any lower memory address. The code below may still possibly
|
||
// find the real stack region at a memory address higher than this region.
|
||
start_address = region_base + region_size;
|
||
} else {
|
||
// If the ABI requires a red zone, adjust the region to include it if
|
||
// possible.
|
||
LocateRedZone(&start_address, ®ion_base, ®ion_size, user_tag);
|
||
|
||
// Regardless of whether the ABI requires a red zone, capture up to
|
||
// kExtraCaptureSize additional bytes of stack, but only if present in the
|
||
// region that was already found.
|
||
constexpr vm_size_t kExtraCaptureSize = 128;
|
||
start_address = std::max(start_address >= kExtraCaptureSize
|
||
? start_address - kExtraCaptureSize
|
||
: start_address,
|
||
region_base);
|
||
|
||
// Align start_address to a 16-byte boundary, which can help readers by
|
||
// ensuring that data is aligned properly. This could page-align instead,
|
||
// but that might be wasteful.
|
||
constexpr vm_size_t kDesiredAlignment = 16;
|
||
start_address &= ~(kDesiredAlignment - 1);
|
||
DCHECK_GE(start_address, region_base);
|
||
}
|
||
|
||
region_size -= (start_address - region_base);
|
||
region_base = start_address;
|
||
|
||
vm_size_t total_region_size = region_size;
|
||
|
||
// The stack region may have gotten split up into multiple abutting regions.
|
||
// Try to coalesce them. This frequently happens for the main thread’s stack
|
||
// when setrlimit(RLIMIT_STACK, …) is called. It may also happen if a region
|
||
// is split up due to an mprotect() or vm_protect() call.
|
||
//
|
||
// Stack regions created by the kernel and the pthreads library will be marked
|
||
// with the VM_MEMORY_STACK user tag. Scanning for multiple adjacent regions
|
||
// with the same tag should find an entire stack region. Checking that the
|
||
// protection on individual regions is not VM_PROT_NONE should guarantee that
|
||
// this algorithm doesn’t collect map entries belonging to another thread’s
|
||
// stack: well-behaved stacks (such as those created by the kernel and the
|
||
// pthreads library) have VM_PROT_NONE guard regions at their low-address
|
||
// ends.
|
||
//
|
||
// Other stack regions may not be so well-behaved and thus if user_tag is not
|
||
// VM_MEMORY_STACK, the single region that was found is used as-is without
|
||
// trying to merge it with other adjacent regions.
|
||
if (user_tag == VM_MEMORY_STACK) {
|
||
vm_address_t try_address = region_base;
|
||
vm_address_t original_try_address;
|
||
|
||
while (try_address += region_size,
|
||
original_try_address = try_address,
|
||
(kr = MachVMRegionRecurseDeepest(mach_task_self(),
|
||
&try_address,
|
||
®ion_size,
|
||
&depth,
|
||
&protection,
|
||
&user_tag) == KERN_SUCCESS) &&
|
||
try_address == original_try_address &&
|
||
(protection & VM_PROT_READ) != 0 &&
|
||
user_tag == VM_MEMORY_STACK) {
|
||
total_region_size += region_size;
|
||
}
|
||
|
||
if (kr != KERN_SUCCESS && kr != KERN_INVALID_ADDRESS) {
|
||
// Tolerate KERN_INVALID_ADDRESS because it will be returned when there
|
||
// are no more regions in the map at or above the specified |try_address|.
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "MachVMRegionRecurseDeepest");
|
||
}
|
||
}
|
||
|
||
*stack_region_size = total_region_size;
|
||
return region_base;
|
||
}
|
||
|
||
//! \brief Write data around \a address to intermediate dump. Must be called
|
||
//! from within a ScopedArray.
|
||
void MaybeCaptureMemoryAround(IOSIntermediateDumpWriter* writer,
|
||
uint64_t address) {
|
||
constexpr uint64_t non_address_offset = 0x10000;
|
||
if (address < non_address_offset)
|
||
return;
|
||
|
||
constexpr uint64_t max_address = std::numeric_limits<uint64_t>::max();
|
||
|
||
if (address > max_address - non_address_offset)
|
||
return;
|
||
|
||
constexpr uint64_t kRegisterByteOffset = 128;
|
||
const uint64_t target = address - kRegisterByteOffset;
|
||
constexpr uint64_t size = 512;
|
||
static_assert(kRegisterByteOffset <= size / 2, "negative offset too large");
|
||
|
||
IOSIntermediateDumpWriter::ScopedArrayMap memory_region(writer);
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kThreadContextMemoryRegionAddress, &target);
|
||
// Don't use WritePropertyBytes, this one will fail regularly if |target|
|
||
// cannot be read.
|
||
writer->AddPropertyBytes(IntermediateDumpKey::kThreadContextMemoryRegionData,
|
||
reinterpret_cast<const void*>(target),
|
||
size);
|
||
}
|
||
|
||
void CaptureMemoryPointedToByThreadState(IOSIntermediateDumpWriter* writer,
|
||
thread_state_type thread_state) {
|
||
IOSIntermediateDumpWriter::ScopedArray memory_regions(
|
||
writer, IntermediateDumpKey::kThreadContextMemoryRegions);
|
||
|
||
#if defined(ARCH_CPU_X86_64)
|
||
MaybeCaptureMemoryAround(writer, thread_state.__rax);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__rbx);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__rcx);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__rdx);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__rdi);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__rsi);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__rbp);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__r8);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__r9);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__r10);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__r11);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__r12);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__r13);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__r14);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__r15);
|
||
MaybeCaptureMemoryAround(writer, thread_state.__rip);
|
||
#elif defined(ARCH_CPU_ARM_FAMILY)
|
||
MaybeCaptureMemoryAround(writer, arm_thread_state64_get_pc(thread_state));
|
||
for (size_t i = 0; i < std::size(thread_state.__x); ++i) {
|
||
MaybeCaptureMemoryAround(writer, thread_state.__x[i]);
|
||
}
|
||
#endif
|
||
}
|
||
|
||
void WriteCrashpadSimpleAnnotationsDictionary(IOSIntermediateDumpWriter* writer,
|
||
CrashpadInfo* crashpad_info) {
|
||
if (!crashpad_info->simple_annotations())
|
||
return;
|
||
|
||
ScopedVMRead<SimpleStringDictionary> simple_annotations;
|
||
if (!simple_annotations.Read(crashpad_info->simple_annotations())) {
|
||
CRASHPAD_RAW_LOG("Unable to read simple annotations.");
|
||
return;
|
||
}
|
||
|
||
const size_t count = simple_annotations->GetCount();
|
||
if (!count)
|
||
return;
|
||
|
||
IOSIntermediateDumpWriter::ScopedArray annotations_array(
|
||
writer, IntermediateDumpKey::kAnnotationsSimpleMap);
|
||
|
||
SimpleStringDictionary::Entry* entries =
|
||
reinterpret_cast<SimpleStringDictionary::Entry*>(
|
||
simple_annotations.get());
|
||
for (size_t index = 0; index < count; index++) {
|
||
IOSIntermediateDumpWriter::ScopedArrayMap annotation_map(writer);
|
||
const auto& entry = entries[index];
|
||
size_t key_length = strnlen(entry.key, sizeof(entry.key));
|
||
WritePropertyBytes(writer,
|
||
IntermediateDumpKey::kAnnotationName,
|
||
reinterpret_cast<const void*>(entry.key),
|
||
key_length);
|
||
size_t value_length = strnlen(entry.value, sizeof(entry.value));
|
||
WritePropertyBytes(writer,
|
||
IntermediateDumpKey::kAnnotationValue,
|
||
reinterpret_cast<const void*>(entry.value),
|
||
value_length);
|
||
}
|
||
}
|
||
|
||
void WriteAppleCrashReporterAnnotations(
|
||
IOSIntermediateDumpWriter* writer,
|
||
crashreporter_annotations_t* crash_info) {
|
||
// This number was totally made up out of nowhere, but it seems prudent to
|
||
// enforce some limit.
|
||
constexpr size_t kMaxMessageSize = 1024;
|
||
IOSIntermediateDumpWriter::ScopedMap annotation_map(
|
||
writer, IntermediateDumpKey::kAnnotationsCrashInfo);
|
||
if (crash_info->message) {
|
||
const size_t message_len = strnlen(
|
||
reinterpret_cast<const char*>(crash_info->message), kMaxMessageSize);
|
||
WritePropertyBytes(writer,
|
||
IntermediateDumpKey::kAnnotationsCrashInfoMessage1,
|
||
reinterpret_cast<const void*>(crash_info->message),
|
||
message_len);
|
||
}
|
||
if (crash_info->message2) {
|
||
const size_t message_len = strnlen(
|
||
reinterpret_cast<const char*>(crash_info->message2), kMaxMessageSize);
|
||
WritePropertyBytes(writer,
|
||
IntermediateDumpKey::kAnnotationsCrashInfoMessage2,
|
||
reinterpret_cast<const void*>(crash_info->message2),
|
||
message_len);
|
||
}
|
||
}
|
||
|
||
} // namespace
|
||
|
||
// static
|
||
void InProcessIntermediateDumpHandler::WriteHeader(
|
||
IOSIntermediateDumpWriter* writer) {
|
||
static constexpr uint8_t version = 1;
|
||
WriteProperty(writer, IntermediateDumpKey::kVersion, &version);
|
||
}
|
||
|
||
// static
|
||
void InProcessIntermediateDumpHandler::WriteProcessInfo(
|
||
IOSIntermediateDumpWriter* writer,
|
||
const std::map<std::string, std::string>& annotations) {
|
||
IOSIntermediateDumpWriter::ScopedMap process_map(
|
||
writer, IntermediateDumpKey::kProcessInfo);
|
||
|
||
timeval snapshot_time;
|
||
if (gettimeofday(&snapshot_time, nullptr) == 0) {
|
||
WriteProperty(writer, IntermediateDumpKey::kSnapshotTime, &snapshot_time);
|
||
} else {
|
||
CRASHPAD_RAW_LOG("gettimeofday");
|
||
}
|
||
|
||
// Used by pid, parent pid and snapshot time.
|
||
kinfo_proc kern_proc_info;
|
||
int mib[] = {CTL_KERN, KERN_PROC, KERN_PROC_PID, getpid()};
|
||
size_t len = sizeof(kern_proc_info);
|
||
if (sysctl(mib, std::size(mib), &kern_proc_info, &len, nullptr, 0) == 0) {
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kPID, &kern_proc_info.kp_proc.p_pid);
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kParentPID,
|
||
&kern_proc_info.kp_eproc.e_ppid);
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kStartTime,
|
||
&kern_proc_info.kp_proc.p_starttime);
|
||
} else {
|
||
CRASHPAD_RAW_LOG("sysctl kern_proc_info");
|
||
}
|
||
|
||
// Used by user time and system time.
|
||
mach_task_basic_info task_basic_info;
|
||
mach_msg_type_number_t task_basic_info_count = MACH_TASK_BASIC_INFO_COUNT;
|
||
kern_return_t kr = task_info(mach_task_self(),
|
||
MACH_TASK_BASIC_INFO,
|
||
reinterpret_cast<task_info_t>(&task_basic_info),
|
||
&task_basic_info_count);
|
||
if (kr == KERN_SUCCESS) {
|
||
IOSIntermediateDumpWriter::ScopedMap task_info(
|
||
writer, IntermediateDumpKey::kTaskBasicInfo);
|
||
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kUserTime, &task_basic_info.user_time);
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kSystemTime, &task_basic_info.system_time);
|
||
} else {
|
||
CRASHPAD_RAW_LOG("task_info task_basic_info");
|
||
}
|
||
|
||
task_thread_times_info_data_t task_thread_times;
|
||
mach_msg_type_number_t task_thread_times_count = TASK_THREAD_TIMES_INFO_COUNT;
|
||
kr = task_info(mach_task_self(),
|
||
TASK_THREAD_TIMES_INFO,
|
||
reinterpret_cast<task_info_t>(&task_thread_times),
|
||
&task_thread_times_count);
|
||
if (kr == KERN_SUCCESS) {
|
||
IOSIntermediateDumpWriter::ScopedMap task_thread_times_map(
|
||
writer, IntermediateDumpKey::kTaskThreadTimes);
|
||
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kUserTime, &task_thread_times.user_time);
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kSystemTime,
|
||
&task_thread_times.system_time);
|
||
} else {
|
||
CRASHPAD_RAW_LOG("task_info thread_times_info");
|
||
}
|
||
|
||
if (!annotations.empty()) {
|
||
IOSIntermediateDumpWriter::ScopedArray simple_annotations_array(
|
||
writer, IntermediateDumpKey::kAnnotationsSimpleMap);
|
||
for (const auto& annotation_pair : annotations) {
|
||
const std::string& key = annotation_pair.first;
|
||
const std::string& value = annotation_pair.second;
|
||
IOSIntermediateDumpWriter::ScopedArrayMap annotation_map(writer);
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kAnnotationName,
|
||
key.c_str(),
|
||
key.length());
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kAnnotationValue,
|
||
value.c_str(),
|
||
value.length());
|
||
}
|
||
}
|
||
}
|
||
|
||
// static
|
||
void InProcessIntermediateDumpHandler::WriteSystemInfo(
|
||
IOSIntermediateDumpWriter* writer,
|
||
const IOSSystemDataCollector& system_data,
|
||
uint64_t report_time_nanos) {
|
||
IOSIntermediateDumpWriter::ScopedMap system_map(
|
||
writer, IntermediateDumpKey::kSystemInfo);
|
||
|
||
const std::string& machine_description = system_data.MachineDescription();
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kMachineDescription,
|
||
machine_description.c_str(),
|
||
machine_description.length());
|
||
int os_version_major;
|
||
int os_version_minor;
|
||
int os_version_bugfix;
|
||
system_data.OSVersion(
|
||
&os_version_major, &os_version_minor, &os_version_bugfix);
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kOSVersionMajor, &os_version_major);
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kOSVersionMinor, &os_version_minor);
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kOSVersionBugfix, &os_version_bugfix);
|
||
const std::string& os_version_build = system_data.Build();
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kOSVersionBuild,
|
||
os_version_build.c_str(),
|
||
os_version_build.length());
|
||
|
||
int cpu_count = system_data.ProcessorCount();
|
||
WriteProperty(writer, IntermediateDumpKey::kCpuCount, &cpu_count);
|
||
const std::string& cpu_vendor = system_data.CPUVendor();
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kCpuVendor,
|
||
cpu_vendor.c_str(),
|
||
cpu_vendor.length());
|
||
|
||
bool has_daylight_saving_time = system_data.HasDaylightSavingTime();
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kHasDaylightSavingTime,
|
||
&has_daylight_saving_time);
|
||
bool is_daylight_saving_time = system_data.IsDaylightSavingTime();
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kIsDaylightSavingTime,
|
||
&is_daylight_saving_time);
|
||
int standard_offset_seconds = system_data.StandardOffsetSeconds();
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kStandardOffsetSeconds,
|
||
&standard_offset_seconds);
|
||
int daylight_offset_seconds = system_data.DaylightOffsetSeconds();
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kDaylightOffsetSeconds,
|
||
&daylight_offset_seconds);
|
||
const std::string& standard_name = system_data.StandardName();
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kStandardName,
|
||
standard_name.c_str(),
|
||
standard_name.length());
|
||
const std::string& daylight_name = system_data.DaylightName();
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kDaylightName,
|
||
daylight_name.c_str(),
|
||
daylight_name.length());
|
||
uint64_t address_mask = system_data.AddressMask();
|
||
WriteProperty(writer, IntermediateDumpKey::kAddressMask, &address_mask);
|
||
|
||
vm_size_t page_size;
|
||
host_page_size(mach_host_self(), &page_size);
|
||
WriteProperty(writer, IntermediateDumpKey::kPageSize, &page_size);
|
||
|
||
mach_msg_type_number_t host_size =
|
||
sizeof(vm_statistics_data_t) / sizeof(integer_t);
|
||
vm_statistics_data_t vm_stat;
|
||
kern_return_t kr = host_statistics(mach_host_self(),
|
||
HOST_VM_INFO,
|
||
reinterpret_cast<host_info_t>(&vm_stat),
|
||
&host_size);
|
||
if (kr == KERN_SUCCESS) {
|
||
IOSIntermediateDumpWriter::ScopedMap vm_stat_map(
|
||
writer, IntermediateDumpKey::kVMStat);
|
||
|
||
WriteProperty(writer, IntermediateDumpKey::kActive, &vm_stat.active_count);
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kInactive, &vm_stat.inactive_count);
|
||
WriteProperty(writer, IntermediateDumpKey::kWired, &vm_stat.wire_count);
|
||
WriteProperty(writer, IntermediateDumpKey::kFree, &vm_stat.free_count);
|
||
} else {
|
||
CRASHPAD_RAW_LOG("host_statistics");
|
||
}
|
||
|
||
uint64_t crashpad_uptime_nanos =
|
||
report_time_nanos - system_data.InitializationTime();
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kCrashpadUptime, &crashpad_uptime_nanos);
|
||
}
|
||
|
||
// static
|
||
void InProcessIntermediateDumpHandler::WriteThreadInfo(
|
||
IOSIntermediateDumpWriter* writer,
|
||
const uint64_t* frames,
|
||
const size_t num_frames) {
|
||
IOSIntermediateDumpWriter::ScopedArray thread_array(
|
||
writer, IntermediateDumpKey::kThreads);
|
||
|
||
// Exception thread ID.
|
||
#if defined(ARCH_CPU_ARM64)
|
||
uint64_t exception_thread_id = 0;
|
||
#endif
|
||
thread_identifier_info identifier_info;
|
||
mach_msg_type_number_t count = THREAD_IDENTIFIER_INFO_COUNT;
|
||
kern_return_t kr =
|
||
thread_info(mach_thread_self(),
|
||
THREAD_IDENTIFIER_INFO,
|
||
reinterpret_cast<thread_info_t>(&identifier_info),
|
||
&count);
|
||
if (kr == KERN_SUCCESS) {
|
||
#if defined(ARCH_CPU_ARM64)
|
||
exception_thread_id = identifier_info.thread_id;
|
||
#endif
|
||
} else {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "thread_info::THREAD_IDENTIFIER_INFO");
|
||
}
|
||
|
||
mach_msg_type_number_t thread_count = 0;
|
||
thread_act_array_t threads;
|
||
kr = task_threads(mach_task_self(), &threads, &thread_count);
|
||
if (kr != KERN_SUCCESS) {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "task_threads");
|
||
}
|
||
ScopedTaskThreads threads_vm_owner(threads, thread_count);
|
||
|
||
for (uint32_t thread_index = 0; thread_index < thread_count; ++thread_index) {
|
||
IOSIntermediateDumpWriter::ScopedArrayMap thread_map(writer);
|
||
thread_t thread = threads[thread_index];
|
||
|
||
thread_basic_info basic_info;
|
||
count = THREAD_BASIC_INFO_COUNT;
|
||
kr = thread_info(thread,
|
||
THREAD_BASIC_INFO,
|
||
reinterpret_cast<thread_info_t>(&basic_info),
|
||
&count);
|
||
if (kr == KERN_SUCCESS) {
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kSuspendCount,
|
||
&basic_info.suspend_count);
|
||
} else {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "thread_info::THREAD_BASIC_INFO");
|
||
}
|
||
|
||
thread_extended_info extended_info;
|
||
count = THREAD_EXTENDED_INFO_COUNT;
|
||
kr = thread_info(thread,
|
||
THREAD_EXTENDED_INFO,
|
||
reinterpret_cast<thread_info_t>(&extended_info),
|
||
&count);
|
||
if (kr == KERN_SUCCESS) {
|
||
WritePropertyBytes(
|
||
writer,
|
||
IntermediateDumpKey::kThreadName,
|
||
reinterpret_cast<const void*>(extended_info.pth_name),
|
||
strnlen(extended_info.pth_name, sizeof(extended_info.pth_name)));
|
||
} else {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "thread_info::THREAD_EXTENDED_INFO");
|
||
}
|
||
|
||
thread_precedence_policy precedence;
|
||
count = THREAD_PRECEDENCE_POLICY_COUNT;
|
||
boolean_t get_default = FALSE;
|
||
kr = thread_policy_get(thread,
|
||
THREAD_PRECEDENCE_POLICY,
|
||
reinterpret_cast<thread_policy_t>(&precedence),
|
||
&count,
|
||
&get_default);
|
||
if (kr == KERN_SUCCESS) {
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kPriority, &precedence.importance);
|
||
} else {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "thread_policy_get");
|
||
}
|
||
|
||
// Thread ID.
|
||
#if defined(ARCH_CPU_ARM64)
|
||
uint64_t thread_id;
|
||
#endif
|
||
count = THREAD_IDENTIFIER_INFO_COUNT;
|
||
kr = thread_info(thread,
|
||
THREAD_IDENTIFIER_INFO,
|
||
reinterpret_cast<thread_info_t>(&identifier_info),
|
||
&count);
|
||
if (kr == KERN_SUCCESS) {
|
||
#if defined(ARCH_CPU_ARM64)
|
||
thread_id = identifier_info.thread_id;
|
||
#endif
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kThreadID, &identifier_info.thread_id);
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kThreadDataAddress,
|
||
&identifier_info.thread_handle);
|
||
} else {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "thread_info::THREAD_IDENTIFIER_INFO");
|
||
}
|
||
|
||
// thread_snapshot_ios_intermediate_dump::GenerateStackMemoryFromFrames is
|
||
// only implemented for arm64, so no x86_64 block here.
|
||
#if defined(ARCH_CPU_ARM64)
|
||
// For uncaught NSExceptions, use the frames passed from the system rather
|
||
// than the current thread state.
|
||
if (num_frames > 0 && exception_thread_id == thread_id) {
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kThreadUncaughtNSExceptionFrames,
|
||
frames,
|
||
num_frames);
|
||
continue;
|
||
}
|
||
#endif
|
||
|
||
#if defined(ARCH_CPU_X86_64)
|
||
x86_thread_state64_t thread_state;
|
||
x86_float_state64_t float_state;
|
||
x86_debug_state64_t debug_state;
|
||
mach_msg_type_number_t thread_state_count = x86_THREAD_STATE64_COUNT;
|
||
mach_msg_type_number_t float_state_count = x86_FLOAT_STATE64_COUNT;
|
||
mach_msg_type_number_t debug_state_count = x86_DEBUG_STATE64_COUNT;
|
||
#elif defined(ARCH_CPU_ARM64)
|
||
arm_thread_state64_t thread_state;
|
||
arm_neon_state64_t float_state;
|
||
arm_debug_state64_t debug_state;
|
||
mach_msg_type_number_t thread_state_count = ARM_THREAD_STATE64_COUNT;
|
||
mach_msg_type_number_t float_state_count = ARM_NEON_STATE64_COUNT;
|
||
mach_msg_type_number_t debug_state_count = ARM_DEBUG_STATE64_COUNT;
|
||
#endif
|
||
|
||
kr = thread_get_state(thread,
|
||
kThreadStateFlavor,
|
||
reinterpret_cast<thread_state_t>(&thread_state),
|
||
&thread_state_count);
|
||
if (kr != KERN_SUCCESS) {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "thread_get_state::kThreadStateFlavor");
|
||
}
|
||
WriteProperty(writer, IntermediateDumpKey::kThreadState, &thread_state);
|
||
|
||
kr = thread_get_state(thread,
|
||
kFloatStateFlavor,
|
||
reinterpret_cast<thread_state_t>(&float_state),
|
||
&float_state_count);
|
||
if (kr != KERN_SUCCESS) {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "thread_get_state::kFloatStateFlavor");
|
||
}
|
||
WriteProperty(writer, IntermediateDumpKey::kFloatState, &float_state);
|
||
|
||
kr = thread_get_state(thread,
|
||
kDebugStateFlavor,
|
||
reinterpret_cast<thread_state_t>(&debug_state),
|
||
&debug_state_count);
|
||
if (kr != KERN_SUCCESS) {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "thread_get_state::kDebugStateFlavor");
|
||
}
|
||
WriteProperty(writer, IntermediateDumpKey::kDebugState, &debug_state);
|
||
|
||
#if defined(ARCH_CPU_X86_64)
|
||
vm_address_t stack_pointer = thread_state.__rsp;
|
||
#elif defined(ARCH_CPU_ARM64)
|
||
vm_address_t stack_pointer = arm_thread_state64_get_sp(thread_state);
|
||
#endif
|
||
|
||
vm_size_t stack_region_size;
|
||
const vm_address_t stack_region_address =
|
||
CalculateStackRegion(stack_pointer, &stack_region_size);
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kStackRegionAddress,
|
||
&stack_region_address);
|
||
WritePropertyBytes(writer,
|
||
IntermediateDumpKey::kStackRegionData,
|
||
reinterpret_cast<const void*>(stack_region_address),
|
||
stack_region_size);
|
||
|
||
// Grab extra memory from context.
|
||
CaptureMemoryPointedToByThreadState(writer, thread_state);
|
||
}
|
||
}
|
||
|
||
// static
|
||
void InProcessIntermediateDumpHandler::WriteModuleInfo(
|
||
IOSIntermediateDumpWriter* writer) {
|
||
#ifndef ARCH_CPU_64_BITS
|
||
#error Only 64-bit Mach-O is supported
|
||
#endif
|
||
|
||
IOSIntermediateDumpWriter::ScopedArray module_array(
|
||
writer, IntermediateDumpKey::kModules);
|
||
|
||
task_dyld_info_data_t dyld_info;
|
||
mach_msg_type_number_t count = TASK_DYLD_INFO_COUNT;
|
||
kern_return_t kr = task_info(mach_task_self(),
|
||
TASK_DYLD_INFO,
|
||
reinterpret_cast<task_info_t>(&dyld_info),
|
||
&count);
|
||
if (kr != KERN_SUCCESS) {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "task_info");
|
||
}
|
||
|
||
ScopedVMRead<dyld_all_image_infos> image_infos;
|
||
if (!image_infos.Read(dyld_info.all_image_info_addr)) {
|
||
CRASHPAD_RAW_LOG("Unable to dyld_info.all_image_info_addr");
|
||
return;
|
||
}
|
||
|
||
uint32_t image_count = image_infos->infoArrayCount;
|
||
const dyld_image_info* image_array = image_infos->infoArray;
|
||
for (int32_t image_index = image_count - 1; image_index >= 0; --image_index) {
|
||
IOSIntermediateDumpWriter::ScopedArrayMap modules(writer);
|
||
ScopedVMRead<dyld_image_info> image;
|
||
if (!image.Read(&image_array[image_index])) {
|
||
CRASHPAD_RAW_LOG("Unable to dyld_image_info");
|
||
continue;
|
||
}
|
||
|
||
if (image->imageFilePath) {
|
||
WritePropertyCString(
|
||
writer, IntermediateDumpKey::kName, PATH_MAX, image->imageFilePath);
|
||
}
|
||
uint64_t address = FromPointerCast<uint64_t>(image->imageLoadAddress);
|
||
WriteProperty(writer, IntermediateDumpKey::kAddress, &address);
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kTimestamp, &image->imageFileModDate);
|
||
WriteModuleInfoAtAddress(writer, address, false /*is_dyld=false*/);
|
||
}
|
||
|
||
{
|
||
IOSIntermediateDumpWriter::ScopedArrayMap modules(writer);
|
||
if (image_infos->dyldPath) {
|
||
WritePropertyCString(
|
||
writer, IntermediateDumpKey::kName, PATH_MAX, image_infos->dyldPath);
|
||
}
|
||
uint64_t address =
|
||
FromPointerCast<uint64_t>(image_infos->dyldImageLoadAddress);
|
||
WriteProperty(writer, IntermediateDumpKey::kAddress, &address);
|
||
WriteModuleInfoAtAddress(writer, address, true /*is_dyld=true*/);
|
||
}
|
||
}
|
||
|
||
// static
|
||
void InProcessIntermediateDumpHandler::WriteExceptionFromSignal(
|
||
IOSIntermediateDumpWriter* writer,
|
||
const IOSSystemDataCollector& system_data,
|
||
siginfo_t* siginfo,
|
||
ucontext_t* context) {
|
||
IOSIntermediateDumpWriter::ScopedMap signal_exception_map(
|
||
writer, IntermediateDumpKey::kSignalException);
|
||
|
||
WriteProperty(writer, IntermediateDumpKey::kSignalNumber, &siginfo->si_signo);
|
||
WriteProperty(writer, IntermediateDumpKey::kSignalCode, &siginfo->si_code);
|
||
WriteProperty(writer, IntermediateDumpKey::kSignalAddress, &siginfo->si_addr);
|
||
|
||
#if defined(ARCH_CPU_X86_64)
|
||
x86_thread_state64_t thread_state = context->uc_mcontext->__ss;
|
||
x86_float_state64_t float_state = context->uc_mcontext->__fs;
|
||
#elif defined(ARCH_CPU_ARM64)
|
||
arm_thread_state64_t thread_state = context->uc_mcontext->__ss;
|
||
arm_neon_state64_t float_state = context->uc_mcontext->__ns;
|
||
#else
|
||
#error Port to your CPU architecture
|
||
#endif
|
||
WriteProperty(writer, IntermediateDumpKey::kThreadState, &thread_state);
|
||
WriteProperty(writer, IntermediateDumpKey::kFloatState, &float_state);
|
||
CaptureMemoryPointedToByThreadState(writer, thread_state);
|
||
|
||
// Thread ID.
|
||
thread_identifier_info identifier_info;
|
||
mach_msg_type_number_t count = THREAD_IDENTIFIER_INFO_COUNT;
|
||
kern_return_t kr =
|
||
thread_info(mach_thread_self(),
|
||
THREAD_IDENTIFIER_INFO,
|
||
reinterpret_cast<thread_info_t>(&identifier_info),
|
||
&count);
|
||
if (kr == KERN_SUCCESS) {
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kThreadID, &identifier_info.thread_id);
|
||
} else {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "thread_info::self");
|
||
}
|
||
}
|
||
|
||
// static
|
||
void InProcessIntermediateDumpHandler::WriteExceptionFromMachException(
|
||
IOSIntermediateDumpWriter* writer,
|
||
exception_behavior_t behavior,
|
||
thread_t exception_thread,
|
||
exception_type_t exception,
|
||
const mach_exception_data_type_t* code,
|
||
mach_msg_type_number_t code_count,
|
||
thread_state_flavor_t flavor,
|
||
ConstThreadState state,
|
||
mach_msg_type_number_t state_count) {
|
||
IOSIntermediateDumpWriter::ScopedMap mach_exception_map(
|
||
writer, IntermediateDumpKey::kMachException);
|
||
|
||
WriteProperty(writer, IntermediateDumpKey::kException, &exception);
|
||
WriteProperty(writer, IntermediateDumpKey::kCodes, code, code_count);
|
||
WriteProperty(writer, IntermediateDumpKey::kFlavor, &flavor);
|
||
WritePropertyBytes(writer,
|
||
IntermediateDumpKey::kState,
|
||
state,
|
||
state_count * sizeof(uint32_t));
|
||
|
||
thread_identifier_info identifier_info;
|
||
mach_msg_type_number_t count = THREAD_IDENTIFIER_INFO_COUNT;
|
||
kern_return_t kr =
|
||
thread_info(exception_thread,
|
||
THREAD_IDENTIFIER_INFO,
|
||
reinterpret_cast<thread_info_t>(&identifier_info),
|
||
&count);
|
||
if (kr == KERN_SUCCESS) {
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kThreadID, &identifier_info.thread_id);
|
||
} else {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "thread_info");
|
||
}
|
||
}
|
||
|
||
// static
|
||
void InProcessIntermediateDumpHandler::WriteExceptionFromNSException(
|
||
IOSIntermediateDumpWriter* writer) {
|
||
IOSIntermediateDumpWriter::ScopedMap nsexception_map(
|
||
writer, IntermediateDumpKey::kNSException);
|
||
|
||
thread_identifier_info identifier_info;
|
||
mach_msg_type_number_t count = THREAD_IDENTIFIER_INFO_COUNT;
|
||
kern_return_t kr =
|
||
thread_info(mach_thread_self(),
|
||
THREAD_IDENTIFIER_INFO,
|
||
reinterpret_cast<thread_info_t>(&identifier_info),
|
||
&count);
|
||
if (kr == KERN_SUCCESS) {
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kThreadID, &identifier_info.thread_id);
|
||
} else {
|
||
CRASHPAD_RAW_LOG_ERROR(kr, "thread_info::self");
|
||
}
|
||
}
|
||
|
||
void InProcessIntermediateDumpHandler::WriteModuleInfoAtAddress(
|
||
IOSIntermediateDumpWriter* writer,
|
||
uint64_t address,
|
||
bool is_dyld) {
|
||
ScopedVMRead<mach_header_64> header;
|
||
if (!header.Read(address) || header->magic != MH_MAGIC_64) {
|
||
CRASHPAD_RAW_LOG("Invalid module header");
|
||
return;
|
||
}
|
||
|
||
const load_command* unsafe_command_ptr =
|
||
reinterpret_cast<const load_command*>(
|
||
reinterpret_cast<const mach_header_64*>(address) + 1);
|
||
|
||
// Rather than using an individual ScopedVMRead for each load_command, load
|
||
// the entire block of commands at once.
|
||
ScopedVMRead<char> all_commands;
|
||
if (!all_commands.Read(unsafe_command_ptr, header->sizeofcmds)) {
|
||
CRASHPAD_RAW_LOG("Unable to read module load_commands.");
|
||
return;
|
||
}
|
||
|
||
// All the *_vm_read_ptr variables in the load_command loop below have been
|
||
// vm_read in `all_commands` above, and may be dereferenced without additional
|
||
// ScopedVMReads.
|
||
const load_command* command_vm_read_ptr =
|
||
reinterpret_cast<const load_command*>(all_commands.get());
|
||
|
||
// Make sure that the basic load command structure doesn’t overflow the
|
||
// space allotted for load commands, as well as iterating through ncmds.
|
||
vm_size_t slide = 0;
|
||
for (uint32_t cmd_index = 0, cumulative_cmd_size = 0;
|
||
cmd_index < header->ncmds && cumulative_cmd_size < header->sizeofcmds;
|
||
++cmd_index) {
|
||
if (command_vm_read_ptr->cmd == LC_SEGMENT_64) {
|
||
const segment_command_64* segment_vm_read_ptr =
|
||
reinterpret_cast<const segment_command_64*>(command_vm_read_ptr);
|
||
if (strcmp(segment_vm_read_ptr->segname, SEG_TEXT) == 0) {
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kSize, &segment_vm_read_ptr->vmsize);
|
||
slide = address - segment_vm_read_ptr->vmaddr;
|
||
} else if (strcmp(segment_vm_read_ptr->segname, SEG_DATA) == 0) {
|
||
WriteDataSegmentAnnotations(writer, segment_vm_read_ptr, slide);
|
||
}
|
||
} else if (command_vm_read_ptr->cmd == LC_ID_DYLIB) {
|
||
const dylib_command* dylib_vm_read_ptr =
|
||
reinterpret_cast<const dylib_command*>(command_vm_read_ptr);
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kDylibCurrentVersion,
|
||
&dylib_vm_read_ptr->dylib.current_version);
|
||
} else if (command_vm_read_ptr->cmd == LC_SOURCE_VERSION) {
|
||
const source_version_command* source_version_vm_read_ptr =
|
||
reinterpret_cast<const source_version_command*>(command_vm_read_ptr);
|
||
WriteProperty(writer,
|
||
IntermediateDumpKey::kSourceVersion,
|
||
&source_version_vm_read_ptr->version);
|
||
} else if (command_vm_read_ptr->cmd == LC_UUID) {
|
||
const uuid_command* uuid_vm_read_ptr =
|
||
reinterpret_cast<const uuid_command*>(command_vm_read_ptr);
|
||
WriteProperty(
|
||
writer, IntermediateDumpKey::kUUID, &uuid_vm_read_ptr->uuid);
|
||
}
|
||
|
||
cumulative_cmd_size += command_vm_read_ptr->cmdsize;
|
||
command_vm_read_ptr = reinterpret_cast<const load_command*>(
|
||
reinterpret_cast<const uint8_t*>(command_vm_read_ptr) +
|
||
command_vm_read_ptr->cmdsize);
|
||
}
|
||
|
||
WriteProperty(writer, IntermediateDumpKey::kFileType, &header->filetype);
|
||
}
|
||
|
||
void InProcessIntermediateDumpHandler::WriteDataSegmentAnnotations(
|
||
IOSIntermediateDumpWriter* writer,
|
||
const segment_command_64* segment_vm_read_ptr,
|
||
vm_size_t slide) {
|
||
const section_64* section_vm_read_ptr = reinterpret_cast<const section_64*>(
|
||
reinterpret_cast<uint64_t>(segment_vm_read_ptr) +
|
||
sizeof(segment_command_64));
|
||
for (uint32_t sect_index = 0; sect_index <= segment_vm_read_ptr->nsects;
|
||
++sect_index) {
|
||
if (strcmp(section_vm_read_ptr->sectname, "crashpad_info") == 0) {
|
||
ScopedVMRead<CrashpadInfo> crashpad_info;
|
||
if (crashpad_info.Read(section_vm_read_ptr->addr + slide) &&
|
||
crashpad_info->size() == sizeof(CrashpadInfo) &&
|
||
crashpad_info->signature() == CrashpadInfo::kSignature &&
|
||
crashpad_info->version() == 1) {
|
||
WriteCrashpadAnnotationsList(writer, crashpad_info.get());
|
||
WriteCrashpadSimpleAnnotationsDictionary(writer, crashpad_info.get());
|
||
}
|
||
} else if (strcmp(section_vm_read_ptr->sectname, "__crash_info") == 0) {
|
||
ScopedVMRead<crashreporter_annotations_t> crash_info;
|
||
if (!crash_info.Read(section_vm_read_ptr->addr + slide) ||
|
||
(crash_info->version != 4 && crash_info->version != 5)) {
|
||
continue;
|
||
}
|
||
WriteAppleCrashReporterAnnotations(writer, crash_info.get());
|
||
}
|
||
section_vm_read_ptr = reinterpret_cast<const section_64*>(
|
||
reinterpret_cast<uint64_t>(section_vm_read_ptr) + sizeof(section_64));
|
||
}
|
||
}
|
||
|
||
void InProcessIntermediateDumpHandler::WriteCrashpadAnnotationsList(
|
||
IOSIntermediateDumpWriter* writer,
|
||
CrashpadInfo* crashpad_info) {
|
||
if (!crashpad_info->annotations_list()) {
|
||
return;
|
||
}
|
||
ScopedVMRead<AnnotationList> annotation_list;
|
||
if (!annotation_list.Read(crashpad_info->annotations_list())) {
|
||
CRASHPAD_RAW_LOG("Unable to read annotations list object");
|
||
return;
|
||
}
|
||
|
||
IOSIntermediateDumpWriter::ScopedArray annotations_array(
|
||
writer, IntermediateDumpKey::kAnnotationObjects);
|
||
ScopedVMRead<Annotation> current;
|
||
|
||
// Use vm_read() to ensure that the linked-list AnnotationList head (which is
|
||
// a dummy node of type kInvalid) is valid and copy its memory into a
|
||
// newly-allocated buffer.
|
||
//
|
||
// In the case where the pointer has been clobbered or the memory range is not
|
||
// readable, skip reading all the Annotations.
|
||
if (!current.Read(annotation_list->head())) {
|
||
CRASHPAD_RAW_LOG("Unable to read annotation");
|
||
return;
|
||
}
|
||
|
||
for (size_t index = 0;
|
||
current->link_node() != annotation_list.get()->tail_pointer() &&
|
||
index < kMaxNumberOfAnnotations;
|
||
++index) {
|
||
ScopedVMRead<Annotation> node;
|
||
|
||
// Like above, use vm_read() to ensure that the node in the linked list is
|
||
// valid and copy its memory into a newly-allocated buffer.
|
||
//
|
||
// In the case where the pointer has been clobbered or the memory range is
|
||
// not readable, skip reading this and all further Annotations.
|
||
if (!node.Read(current->link_node())) {
|
||
CRASHPAD_RAW_LOG("Unable to read annotation");
|
||
return;
|
||
}
|
||
current.Read(current->link_node());
|
||
|
||
if (node->size() == 0)
|
||
continue;
|
||
|
||
if (node->size() > Annotation::kValueMaxSize) {
|
||
CRASHPAD_RAW_LOG("Incorrect annotation length");
|
||
continue;
|
||
}
|
||
|
||
// For Annotations which support guarding reads from concurrent writes, map
|
||
// their memory read-write using vm_remap(), then declare a ScopedSpinGuard
|
||
// which lives for the duration of the read.
|
||
ScopedVMMap<Annotation> mapped_node;
|
||
std::optional<ScopedSpinGuard> annotation_guard;
|
||
if (node->concurrent_access_guard_mode() ==
|
||
Annotation::ConcurrentAccessGuardMode::kScopedSpinGuard) {
|
||
constexpr vm_prot_t kDesiredProtection = VM_PROT_WRITE | VM_PROT_READ;
|
||
if (!mapped_node.Map(node.get()) ||
|
||
(mapped_node.CurrentProtection() & kDesiredProtection) !=
|
||
kDesiredProtection) {
|
||
CRASHPAD_RAW_LOG("Unable to map annotation");
|
||
|
||
// Skip this annotation rather than giving up entirely, since the linked
|
||
// node should still be valid.
|
||
continue;
|
||
}
|
||
|
||
// TODO(https://crbug.com/crashpad/438): Pass down a `params` object into
|
||
// this method to optionally enable a timeout here.
|
||
constexpr uint64_t kTimeoutNanoseconds = 0;
|
||
annotation_guard =
|
||
mapped_node->TryCreateScopedSpinGuard(kTimeoutNanoseconds);
|
||
if (!annotation_guard) {
|
||
// This is expected if the process is writing to the Annotation, so
|
||
// don't log here and skip the annotation.
|
||
continue;
|
||
}
|
||
}
|
||
|
||
IOSIntermediateDumpWriter::ScopedArrayMap annotation_map(writer);
|
||
WritePropertyCString(writer,
|
||
IntermediateDumpKey::kAnnotationName,
|
||
Annotation::kNameMaxLength,
|
||
reinterpret_cast<const char*>(node->name()));
|
||
WritePropertyBytes(writer,
|
||
IntermediateDumpKey::kAnnotationValue,
|
||
reinterpret_cast<const void*>(node->value()),
|
||
node->size());
|
||
Annotation::Type type = node->type();
|
||
WritePropertyBytes(writer,
|
||
IntermediateDumpKey::kAnnotationType,
|
||
reinterpret_cast<const void*>(&type),
|
||
sizeof(type));
|
||
}
|
||
}
|
||
|
||
} // namespace internal
|
||
} // namespace crashpad
|